Beginners Guide to Hunting for Threats
☆19, Apr 26, 2025, updated last year
Alternatives and similar repositories for SentinelOne-ThreatHunting-and-XDR-Guide
Users that are interested in SentinelOne-ThreatHunting-and-XDR-Guide are comparing it to the libraries listed below.
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel (☆17, Mar 13, 2026, updated 2 months ago)
- Automatically generated Sysmon parser for Azure Sentinel (☆18, Jan 6, 2026, updated 4 months ago)
- Personal scripts (☆15, Sep 11, 2024, updated last year)
- This is a repository for reporting any issues in any of my software (☆13, May 15, 2018, updated 8 years ago)
- The fabric-mcp-server is an MCP server that integrates Fabric patterns with AI coding agents and assistants, exposing them as tools for A… (☆18, Jul 28, 2025, updated 9 months ago)
- Golang Library to interact with your MISP instance (☆23, Sep 12, 2019, updated 6 years ago)
- VTC - Velociraptor Timeline Creator (☆19, May 15, 2024, updated 2 years ago)
- (no description) (☆18, Jan 18, 2022, updated 4 years ago)
- Super light, super fast, unlimited search idea (☆25, Aug 3, 2025, updated 9 months ago)
- Azure OpenAI Playbook created for Microsoft Sentinel (☆13, May 2, 2024, updated 2 years ago)
- Sentinel Recon Tools Workbook (☆14, Aug 24, 2022, updated 3 years ago)
- Miscellaneous notebooks to use with Sentinel Hub (☆20, Aug 28, 2023, updated 2 years ago)
- (no description) (☆15, May 11, 2026, updated 2 weeks ago)
- Built a mini HoneyNet in Azure and ingested log sources from various resources into a Log Analytics workspace (☆24, Jul 19, 2023, updated 2 years ago)
- Integration tools for TheHive and Azure Sentinel (☆13, Sep 23, 2020, updated 5 years ago)
- A collection of things I've created or found that I think are useful for Azure Sentinel. (☆18, Jan 28, 2026, updated 3 months ago)
- (no description) (☆14, Feb 22, 2021, updated 5 years ago)
- putting all together: customer environment, some threats, azure security services, Microsoft 365 Defender services, Azure monitor service… (☆17, Apr 11, 2022, updated 4 years ago)
- Azure Sentinel Template parser (☆16, Nov 2, 2020, updated 5 years ago)
- KQL Sentinel and Defender Detection and Hunting Queries. (☆16, Feb 24, 2026, updated 3 months ago)
- PowerShell commands to export the Azure Sentinel Rule Templates to a CSV and to create the Rules from selected entries in the CSV file (☆17, Oct 31, 2024, updated last year)
- Azure Function for the Microsoft Sentinel Triage AssistanT (STAT) (☆16, Apr 13, 2026, updated last month)
- Plugins for parsing CSV files in Timeline Explorer. This project allows for anyone to add more supported files (i.e. they get a Line #/ta… (☆33, May 11, 2026, updated 2 weeks ago)
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting. Can al… (☆15, Aug 15, 2022, updated 3 years ago)
- Send High & New Incidents to The Hive incident management Platform (☆18, Feb 13, 2021, updated 5 years ago)
- A walkthrough of creating and using the Azure environment and Microsoft Sentinel to track attacks and plot attacks on a live map. (☆24, Mar 26, 2023, updated 3 years ago)
- Misc. content for Microsoft Sentinel (☆17, Apr 12, 2024, updated 2 years ago)
- Miscellaneous IDA scripts and projects (☆15, Apr 14, 2021, updated 5 years ago)
- Repository of SentinelOne Deep Visibility queries. (☆135, Jun 30, 2021, updated 4 years ago)
- Threat Hunt Investigation Methodology and Procedure (☆15, Jul 11, 2022, updated 3 years ago)
- RDP Credential Provider (☆12, Oct 29, 2025, updated 6 months ago)
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp… (☆325, Feb 26, 2026, updated 2 months ago)
- Azure Sentinel PowerShell cmdlets (☆20, Mar 28, 2022, updated 4 years ago)
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility (☆95, Jan 11, 2021, updated 5 years ago)
- Tools to integrate 2 great security tools, OPNsense and Wazuh (☆33, Aug 26, 2021, updated 4 years ago)
- Azure function to insert MISP data into Azure Sentinel (☆33, Oct 19, 2022, updated 3 years ago)
- This is a repository for the public blog with Labs indicators of compromise and code (☆18, Jan 8, 2020, updated 6 years ago)
- Scraping darknet forums has been the object of research in the field of intelligence and security informatics. In this repository we scr… (☆11, May 18, 2023, updated 3 years ago)
- (no description) (☆10, Apr 25, 2024, updated 2 years ago)