acquiredsecurity/SentinelOne-ThreatHunting-and-XDR-Guide external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

acquiredsecurity/SentinelOne-ThreatHunting-and-XDR-Guide

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/acquiredsecurity/SentinelOne-ThreatHunting-and-XDR-Guide)

Close

acquiredsecurity / SentinelOne-ThreatHunting-and-XDR-GuideView on GitHubMore

• External links
• Readme badge

Beginners Guide to Hunting for Threats

☆19Apr 26, 2025Updated 11 months ago

Alternatives and similar repositories for SentinelOne-ThreatHunting-and-XDR-Guide

Users that are interested in SentinelOne-ThreatHunting-and-XDR-Guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• acquiredsecurity / Sentinel-One-STAR-Rules-Threat-Hunts

  View on GitHub
  SentinelOne STAR Rules
  ☆75Feb 11, 2025Updated last year
• ItzHerbie / KQL

  View on GitHub
  Detection rules and threat hunting queries in Defender XDR and Azure Sentinel
  ☆16Mar 13, 2026Updated last month
• olafhartong / sysmon-parser

  View on GitHub
  Automatically generated Sysmon parser for Azure Sentinel
  ☆18Jan 6, 2026Updated 3 months ago
• dariommr / scripts

  View on GitHub
  Personal scripts
  ☆15Sep 11, 2024Updated last year
• PidgeyL / MISP-Extractor

  View on GitHub
  Extract information from MISP via the API
  ☆16Jul 18, 2016Updated 9 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• 0xrawsec / golang-misp

  View on GitHub
  Golang Library to interact with your MISP instance
  ☆22Sep 12, 2019Updated 6 years ago
• joeavanzato / velociraptor-timeline-creator

  View on GitHub
  VTC - Velociraptor Timeline Creator
  ☆19May 15, 2024Updated last year
• Azure / Azure-Sentinel-BYOML

  View on GitHub
  Azure-Sentinel-BYOML
  ☆13Nov 8, 2019Updated 6 years ago
• juanandresgs / Proj-0xA11c

  View on GitHub
  ☆17Nov 13, 2024Updated last year
• ml58158 / AzureOpenAI-Playbook

  View on GitHub
  Azure OpenAI Playbook created for Microsoft Sentinel
  ☆13May 2, 2024Updated last year
• AndrewBlumhardt / SentinelReconTools

  View on GitHub
  Sentinel Recon Tools Workbook
  ☆14Aug 24, 2022Updated 3 years ago
• hxhBrofessor / PrivEsc-MindMap

  View on GitHub
  ☆14Dec 2, 2020Updated 5 years ago
• MSSAPSCA1 / Azure_Sentinel

  View on GitHub
  Bulk turn on Analytic rules in Azure Sentinel
  ☆19Oct 7, 2021Updated 4 years ago
• sentinel-hub / example-notebooks

  View on GitHub
  Miscellaneous notebooks to use with Sentinel Hub
  ☆20Aug 28, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• hashicorp / sentinel-github-actions

  View on GitHub
  ☆16Feb 20, 2026Updated last month
• 0xbythesecond / Azure-SOC-Honeynet-Project

  View on GitHub
  Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace
  ☆24Jul 19, 2023Updated 2 years ago
• inhashed / thehive-sentinel-integration

  View on GitHub
  Integration tools for TheHive and Azure Sentinel
  ☆13Sep 23, 2020Updated 5 years ago
• chihebchebbi / Azure-Sentinel-Report-Generator

  View on GitHub
  ☆14Feb 22, 2021Updated 5 years ago
• rudneir2 / Microsoft-Cloud-Security-map

  View on GitHub
  putting all together: customer environment, some threats, azure security services, Microsoft 365 Defender services, Azure monitor service…
  ☆17Apr 11, 2022Updated 4 years ago
• olafhartong / Sentinel-template-parser

  View on GitHub
  Azure Sentinel Template parser
  ☆16Nov 2, 2020Updated 5 years ago
• rod-trent / AzureSentinelMisc

  View on GitHub
  Miscellaneous Azure Sentinel files that don't fall into other categories.
  ☆13Aug 23, 2021Updated 4 years ago
• SubashGhimire / Hunting-Queries-and-Detection-Rule-Microsoft-Sentinel-Defender

  View on GitHub
  KQL Sentinel and Defender Detection and Hunting Queries.
  ☆16Feb 24, 2026Updated last month
• Marantral / aMALgamous

  View on GitHub
  Shell and Pen-testing Tool
  ☆17May 14, 2025Updated 11 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• garybushey / AzSentinelAnalyticsRules

  View on GitHub
  PowerShell commands to export the Azure Sentinel Rule Templates to a CSV and to create the Rules from selected entries in the CSV file
  ☆17Oct 31, 2024Updated last year
• EricZimmerman / TLEFilePlugins

  View on GitHub
  Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i,e. they get a Line #/ta…
  ☆32May 5, 2025Updated 11 months ago
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting

  View on GitHub
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆15Aug 15, 2022Updated 3 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook

  View on GitHub
  Send High & New Incidents to The Hive incident management Platform
  ☆18Feb 13, 2021Updated 5 years ago
• h0ffayyy / MicrosoftSentinelStuff

  View on GitHub
  Misc. content for Microsoft Sentinel
  ☆17Apr 12, 2024Updated 2 years ago
• keyboardcrunch / sentinelone-queries

  View on GitHub
  Repository of SentinelOne Deep Visibility queries.
  ☆135Jun 30, 2021Updated 4 years ago
• gsiddharth29 / Threat-Hunting

  View on GitHub
  Threat Hunt Investigation Methodology and Procedure
  ☆15Jul 11, 2022Updated 3 years ago
• acquiredsecurity / forensic-timeliner

  View on GitHub
  A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp…
  ☆316Feb 26, 2026Updated last month
• Kaidja / AzSentinelPowerShell

  View on GitHub
  Azure Sentinel PowerShell cmdlets
  ☆20Mar 28, 2022Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• keyboardcrunch / SentinelOne-ATTACK-Queries

  View on GitHub
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆94Jan 11, 2021Updated 5 years ago
• DaKheera47 / strong-statistics

  View on GitHub
  Self‑hosted strength‑training analytics for Strong app exports. Import your CSV, see PRs, volume trends, rep ranges, and workout history …
  ☆24Nov 11, 2025Updated 5 months ago
• bigsnarfdude / Malware-Probabilistic-Data-Structres

  View on GitHub
  NSRL BloomFilter, Mandiant BloomFilter, Hyperloglog Malware Data Structure
  ☆15Mar 14, 2014Updated 12 years ago
• deanobalino / SentinelWorkshop

  View on GitHub
  Azure Sentinel Workshop
  ☆18Jun 5, 2021Updated 4 years ago
• khr0x40sh / PowerW0rm

  View on GitHub
  ☆16May 6, 2015Updated 10 years ago
• scautomation / Bicep-AzureMonitor-Sentinel

  View on GitHub
  Bicep examples repo for log analytics, azure monitor and sentinel
  ☆26Mar 16, 2023Updated 3 years ago
• zolderio / misp-to-sentinel

  View on GitHub
  Azure function to insert MISP data in to Azure Sentinel
  ☆34Oct 19, 2022Updated 3 years ago