acquiredsecurity/SentinelOne-ThreatHunting-and-XDR-Guide external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

acquiredsecurity/SentinelOne-ThreatHunting-and-XDR-Guide

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/acquiredsecurity/SentinelOne-ThreatHunting-and-XDR-Guide)

Close

acquiredsecurity / SentinelOne-ThreatHunting-and-XDR-GuideView on GitHubMore

• External links
• Readme badge

Beginners Guide to Hunting for Threats

☆19Apr 26, 2025Updated last year

Alternatives and similar repositories for SentinelOne-ThreatHunting-and-XDR-Guide

Users that are interested in SentinelOne-ThreatHunting-and-XDR-Guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• ItzHerbie / KQL

  View on GitHub
  Detection rules and threat hunting queries in Defender XDR and Azure Sentinel
  ☆17Mar 13, 2026Updated last month
• olafhartong / sysmon-parser

  View on GitHub
  Automatically generated Sysmon parser for Azure Sentinel
  ☆18Jan 6, 2026Updated 3 months ago
• PidgeyL / MISP-Extractor

  View on GitHub
  Extract information from MISP via the API
  ☆16Jul 18, 2016Updated 9 years ago
• EricZimmerman / Issues

  View on GitHub
  This is a repository for reporting any issues in any of my software
  ☆13May 15, 2018Updated 7 years ago
• 0xrawsec / golang-misp

  View on GitHub
  Golang Library to interact with your MISP instance
  ☆22Sep 12, 2019Updated 6 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• joeavanzato / velociraptor-timeline-creator

  View on GitHub
  VTC - Velociraptor Timeline Creator
  ☆19May 15, 2024Updated last year
• CptOfEvilMinions / ChooseYourSIEMAdventure

  View on GitHub
  ☆18Jan 18, 2022Updated 4 years ago
• eddiechu / Terminal-SIEM

  View on GitHub
  Super light, super fast, unlimited search idea
  ☆25Aug 3, 2025Updated 9 months ago
• ml58158 / AzureOpenAI-Playbook

  View on GitHub
  Azure OpenAI Playbook created for Microsoft Sentinel
  ☆13May 2, 2024Updated 2 years ago
• AndrewBlumhardt / SentinelReconTools

  View on GitHub
  Sentinel Recon Tools Workbook
  ☆14Aug 24, 2022Updated 3 years ago
• NerbalOne / SentinelOne-Queries

  View on GitHub
  This will be a repository of SentinelOne Deep Visibility queries both the Standard Queries and the Power Queries. Most of these queries w…
  ☆35Updated this week
• MSSAPSCA1 / Azure_Sentinel

  View on GitHub
  Bulk turn on Analytic rules in Azure Sentinel
  ☆18Oct 7, 2021Updated 4 years ago
• format81 / MicrosoftSentinel-AzureOpenAI-IR-helper-playbook

  View on GitHub
  ☆11Mar 16, 2023Updated 3 years ago
• hashicorp / sentinel-github-actions

  View on GitHub
  ☆15Feb 20, 2026Updated 2 months ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• 0xbythesecond / Azure-SOC-Honeynet-Project

  View on GitHub
  Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace
  ☆24Jul 19, 2023Updated 2 years ago
• inhashed / thehive-sentinel-integration

  View on GitHub
  Integration tools for TheHive and Azure Sentinel
  ☆13Sep 23, 2020Updated 5 years ago
• jostuffl / AzureSentinel_Stuff

  View on GitHub
  A collection of things I've created or found that I think is useful for Azure Sentinel.
  ☆18Jan 28, 2026Updated 3 months ago
• chihebchebbi / Azure-Sentinel-Report-Generator

  View on GitHub
  ☆14Feb 22, 2021Updated 5 years ago
• olafhartong / Sentinel-template-parser

  View on GitHub
  Azure Sentinel Template parser
  ☆16Nov 2, 2020Updated 5 years ago
• rod-trent / AzureSentinelMisc

  View on GitHub
  Miscellaneous Azure Sentinel files that don't fall into other categories.
  ☆13Aug 23, 2021Updated 4 years ago
• garybushey / AzSentinelAnalyticsRules

  View on GitHub
  PowerShell commands to export the Azure Sentinel Rule Templates to a CSV and to create the Rules from selected entries in the CSV file
  ☆17Oct 31, 2024Updated last year
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting

  View on GitHub
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆15Aug 15, 2022Updated 3 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook

  View on GitHub
  Send High & New Incidents to The Hive incident management Platform
  ☆18Feb 13, 2021Updated 5 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• Rupan / ida

  View on GitHub
  Miscellaneous IDA scripts and projects
  ☆15Apr 14, 2021Updated 5 years ago
• keyboardcrunch / sentinelone-queries

  View on GitHub
  Repository of SentinelOne Deep Visibility queries.
  ☆135Jun 30, 2021Updated 4 years ago
• gsiddharth29 / Threat-Hunting

  View on GitHub
  Threat Hunt Investigation Methodology and Procedure
  ☆15Jul 11, 2022Updated 3 years ago
• acquiredsecurity / forensic-timeliner

  View on GitHub
  A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp…
  ☆322Feb 26, 2026Updated 2 months ago
• richlilly2004 / Azure-Sentinel

  View on GitHub
  ☆18Oct 20, 2022Updated 3 years ago
• abuisa / MalwareZoo

  View on GitHub
  A repository of LIVE malwares for your own joy and pleasure
  ☆24Aug 28, 2017Updated 8 years ago
• eremit4 / Akamaru

  View on GitHub
  Sniffing out well-known threat groups
  ☆64Aug 13, 2024Updated last year
• cloudfence / opnsense-wazuh

  View on GitHub
  Tools to integrate 2 great security tools OPNsense and Wazuh
  ☆32Aug 26, 2021Updated 4 years ago
• bigsnarfdude / Malware-Probabilistic-Data-Structres

  View on GitHub
  NSRL BloomFilter, Mandiant BloomFilter, Hyperloglog Malware Data Structure
  ☆15Mar 14, 2014Updated 12 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• deanobalino / SentinelWorkshop

  View on GitHub
  Azure Sentinel Workshop
  ☆18Jun 5, 2021Updated 4 years ago
• khr0x40sh / PowerW0rm

  View on GitHub
  ☆16May 6, 2015Updated 10 years ago
• scautomation / Bicep-AzureMonitor-Sentinel

  View on GitHub
  Bicep examples repo for log analytics, azure monitor and sentinel
  ☆26Mar 16, 2023Updated 3 years ago
• zolderio / misp-to-sentinel

  View on GitHub
  Azure function to insert MISP data in to Azure Sentinel
  ☆33Oct 19, 2022Updated 3 years ago
• SentineLabs / PowerTrick

  View on GitHub
  This is a repository for the public blog with Labs indicators of compromise and code
  ☆18Jan 8, 2020Updated 6 years ago
• octokami / darknet_forum

  View on GitHub
  Scraping darknet forums has been the object of research in the field of intelligence and security informatics. In this repository we scr…
  ☆11May 18, 2023Updated 2 years ago
• BoranCanOzel / BF1-External-Esp-Aimbot

  View on GitHub
  ☆10Apr 25, 2024Updated 2 years ago