TheCloudScout/m365defender-adx

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/TheCloudScout/m365defender-adx)

TheCloudScout / m365defender-adx

☆22

Alternatives and similar repositories for m365defender-adx

Users that are interested in m365defender-adx are comparing it to the libraries listed below

Sorting:

nicolonsky / AzureAiTMFunction
View on GitHub
Azure AiTM Function PoC to phish Entra ID Credentials
☆28Nov 21, 2025Updated 3 months ago
msdirtbag / ADXFlowmaster
View on GitHub
ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
☆39Oct 30, 2024Updated last year
Var5h1l / KQLIntel
View on GitHub
KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries…
☆29Aug 4, 2025Updated 7 months ago
JeffMichelmore / MDEKit
View on GitHub
☆43Oct 11, 2023Updated 2 years ago
ItzHerbie / KQL
View on GitHub
Detection rules and threat hunting queries in Defender XDR and Azure Sentinel
☆16Feb 11, 2026Updated 3 weeks ago
i-am-shodan / Seahaven
View on GitHub
Generate test data that is not only realistic but also contextually meaningful
☆27Jun 30, 2023Updated 2 years ago
christosgalano / sKaleQL
View on GitHub
sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…
☆19May 20, 2025Updated 9 months ago
mr-r3b00t / KQL
View on GitHub
This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet
☆13Jan 24, 2026Updated last month
HCRitter / PSCommitSecretScanner
View on GitHub
This Module Helps to Scan a Commit History of a Repo for Leakage of Secrets
☆15Apr 26, 2025Updated 10 months ago
FalconForceTeam / reply-url-brute
View on GitHub
Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure
☆15Jan 23, 2025Updated last year
LearningKijo / ResearchDev
View on GitHub
ResearchDev - XDR & SIEM Detection
☆67Apr 16, 2025Updated 10 months ago
alexverboon / SentinelTIUploadToolkit
View on GitHub
Sentinel Threat Intelligence Upload Toolkit
☆18Jul 15, 2024Updated last year
mardahl / ExchangeOnlineScripts
View on GitHub
Powershell scripts meant to assist administrators of Exchange Online
☆16Jan 15, 2026Updated last month
jsa2 / kql
View on GitHub
KQL for Azure Resource Manager and AppID search
☆23Aug 15, 2024Updated last year
Azure / MDTI-Solutions
View on GitHub
Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
☆80Sep 9, 2024Updated last year
svrooij / TokenMagician
View on GitHub
PowerShell module to help getting tokens using managed identities
☆17Dec 29, 2024Updated last year
jsa2 / EAST
View on GitHub
Extensible Azure Security Tool - Documentation
☆83Jun 1, 2023Updated 2 years ago
0xAnalyst / DefenderATPQueries
View on GitHub
Hunting Queries for Defender ATP
☆83Dec 14, 2025Updated 2 months ago
javiersoriano / sentinelascode
View on GitHub
Enable the automatic deployment of Azure Sentinel using code
☆118May 3, 2022Updated 3 years ago
msdirtbag / MicrosoftPurpleTeamToolkit
View on GitHub
☆45Apr 10, 2024Updated last year
Yaniv-Shasha / SecurityCopilot
View on GitHub
☆20Jan 19, 2026Updated last month
Azure / MDEASM-Solutions
View on GitHub
Solutions developed by the MDEASM Customer Experience Engineering (CxE) Go-To Production (GTP) team for Azure MDEASM
☆29Feb 3, 2025Updated last year
ManuelBerrueta / urlyzer
View on GitHub
urlyzer is a URL parsing analysis tool.
☆24Jul 27, 2024Updated last year
le0li9ht / Microsoft-Sentinel-Queries
View on GitHub
KQL queries for cyber defense and for solving daily issues
☆55Jul 28, 2025Updated 7 months ago
scautomation / Bicep-AzureMonitor-Sentinel
View on GitHub
Bicep examples repo for log analytics, azure monitor and sentinel
☆26Mar 16, 2023Updated 2 years ago
m4nbat / KustQueryLanguage_kql
View on GitHub
Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting
☆68Dec 7, 2025Updated 3 months ago
olafhartong / WDACme
View on GitHub
A WDAC configuration repository with the sole intention of enriching MDE
☆30Jun 18, 2025Updated 8 months ago
DanielChronlund / DCToolbox
View on GitHub
Tools for Microsoft cloud fans
☆372Nov 26, 2024Updated last year
cudeso / misp2sentinel
View on GitHub
MISP to Sentinel integration
☆79Feb 6, 2026Updated last month
Atomics-on-A-Friday / Emulation-Tools
View on GitHub
☆31Mar 21, 2023Updated 2 years ago
JamesGrahamMSFT / DefenderMasterclass1
View on GitHub
This is a repository for the Microsoft Defender Masterclass series.
☆30Jun 28, 2021Updated 4 years ago
microsoft / MicrosoftAzureCloudHSM
View on GitHub
Azure Cloud HSM SDK
☆17Updated this week
ep3p / Sentinel_KQL
View on GitHub
In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…
☆134Dec 18, 2025Updated 2 months ago
Squiblydoo / certReport
View on GitHub
A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.
☆40Feb 19, 2026Updated 2 weeks ago
referefref / sinon
View on GitHub
Automation tool for Windows Deception Host Burn-In
☆86Dec 4, 2024Updated last year
thenikk / Oceanleaf
View on GitHub
Content from my blog.
☆36May 5, 2025Updated 10 months ago
reecdeep / hollowise
View on GitHub
Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
☆38Feb 20, 2025Updated last year
davidnx / baby-kusto-csharp
View on GitHub
A self-contained execution engine for the Kusto Query Language (KQL) written in C#
☆38Sep 29, 2023Updated 2 years ago
KnudsenMorten / AzLogDcrIngestPS
View on GitHub
AzLogDcrIngestPS - Unleashing the power of Log Ingestion API with Azure LogAnalytics custom table v2, Azure Data Collection Rules and Azu…
☆33Jan 26, 2025Updated last year