Alternatives and similar repositories for XDR_Queries:

Users that are interested in XDR_Queries are comparing it to the libraries listed below

• Kaidja / Defender-for-Endpoint
  Defender for Endpoint
  ☆27Updated 7 months ago
• Kaidja / EntraID
  Automation around Entra ID
  ☆34Updated 2 months ago
• davidhowell-tx / PS-SentinelOne
  PowerShell module for SentinelOne API
  ☆65Updated last year
• anthonws / MDATP_PoSh_Scripts
  ☆48Updated 7 months ago
• Truvis / Sentinel
  ☆27Updated 5 months ago
• simon-r-watson / SophosCentral
  Sophos Central PowerShell module
  ☆10Updated last year
• alexverboon / SentinelTIUploadToolkit
  Sentinel Threat Intelligence Upload Toolkit
  ☆12Updated 7 months ago
• thalpius / Microsoft-Defender-for-Identity-Log-Analyzer
  ☆18Updated 8 months ago
• jkerai1 / SoftwareCertificates
  Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC
  ☆28Updated this week
• EvotecIT / PowerShellManager
  Little PowerShell module to extract PowerShell scripts that no longer exists on disk but were run and are still in Event Logs.
  ☆40Updated 4 years ago
• KnudsenMorten / ClientInspectorV2
  ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory …
  ☆25Updated last year
• JeffMichelmore / MDEKit
  ☆41Updated last year
• Semperis / PK-AADAppReg
  ☆27Updated 2 months ago
• ThomasVrhydn / MDE-troubleshooter
  This tool is designed to assist you in analyzing issues related to Defender for Endpoint on your local endpoint. It offers a centralized …
  ☆54Updated last week
• alexverboon / PSMDATP
  PowerShell Module for managing Microsoft Defender Advanced Threat Protection
  ☆71Updated 2 years ago
• THEVER1TAS / sysmon-config
  Sysmon configuration file templates with advanced event tracing and blocking
  ☆39Updated last week
• msdirtbag / MDE-Quickstart
  MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore
  ☆66Updated 2 years ago
• Kili69 / Tier0-User-Management
  Maintain Tier 0 users. This script take care all Tier 0 users are in the correct OU or in the default user container and add the Kerberos…
  ☆57Updated 3 months ago
• Trimarc / Invoke-TrimarcADChecks
  The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…
  ☆42Updated last year
• ugurkocde / KQL-Search
  ☆30Updated last year
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆39Updated 4 years ago
• vradchenko / PowerShell-SentinelOne
  PowerShell module for SentinelOne API
  ☆28Updated 3 years ago
• nathanmcnulty / MMS2024FLL
  ☆16Updated 3 months ago
• YongRhee-MDE / LiveResponse
  M365 MDATP Live Response sample scripts
  ☆66Updated 3 months ago
• JesseEsquivel / MDATP
  Microsoft Defender Advanced Threat Protection
  ☆43Updated 4 months ago
• vreguibar / EguibarIT
  Root module for creating Tier Model / Delegation Model on Active Directory
  ☆18Updated this week
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 3 months ago
• olafhartong / WDACme
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆28Updated 2 years ago
• rucam / defender-comparison
  ☆59Updated 11 months ago
• gkm-automation / AD-Security-Assessment
  Perform general security checks against AD environment
  ☆66Updated 2 years ago