☆50 · Jul 7, 2024 · Updated last year
Alternatives and similar repositories for MDATP_PoSh_Scripts
Users that are interested in MDATP_PoSh_Scripts are comparing it to the libraries listed below
- Microsoft Cloud App Security labs ☆14 · Dec 17, 2018 · Updated 7 years ago
- Firewall & Antivirus Exclusions Migrator ☆16 · Apr 5, 2022 · Updated 3 years ago
- M365 MDATP Live Response sample scripts ☆82 · Nov 1, 2024 · Updated last year
- sample code to MicrosoftDefenderATP API ☆27 · Apr 5, 2021 · Updated 4 years ago
- PowerShell Module for managing Microsoft Defender Advanced Threat Protection ☆76 · Nov 10, 2022 · Updated 3 years ago
- This project contains samples how to use MDATP API for integration with other systems and products ☆29 · Dec 22, 2019 · Updated 6 years ago
- Threadless Injection Payload Toolkit ☆12 · Oct 12, 2023 · Updated 2 years ago
- Powershell module for Microsoft Cloud App Security (MCAS) ☆10 · Mar 19, 2021 · Updated 4 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… ☆19 · May 20, 2025 · Updated 9 months ago
- ☆62 · Feb 16, 2024 · Updated 2 years ago
- ☆103 · Jan 8, 2025 · Updated last year
- ☆38 · Nov 12, 2024 · Updated last year
- Utility to detect errors in Intune Firewall Rules XML ☆20 · Mar 1, 2024 · Updated last year
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin… ☆17 · Mar 10, 2023 · Updated 2 years ago
- KQL for Azure Resource Manager and AppID search ☆23 · Aug 15, 2024 · Updated last year
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption ☆19 · Aug 5, 2022 · Updated 3 years ago
- Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM) ☆204 · Feb 19, 2026 · Updated last week
- Powershell module for Microsoft Cloud App Security ☆86 · Aug 29, 2023 · Updated 2 years ago
- ☆47 · Jan 31, 2024 · Updated 2 years ago
- Intune related content ☆29 · Dec 11, 2025 · Updated 2 months ago
- PowerShell-based Automation of Defender for Endpoint ☆186 · Jul 3, 2025 · Updated 7 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API ☆97 · Aug 27, 2023 · Updated 2 years ago
- ☆23 · Jun 17, 2024 · Updated last year
- ☆29 · Feb 27, 2025 · Updated last year
- A small example of loading BOFs in Python with pure reflection ☆19 · Jan 26, 2023 · Updated 3 years ago
- Azure AD Incident Response ☆27 · Oct 8, 2021 · Updated 4 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal… ☆65 · Aug 23, 2023 · Updated 2 years ago
- Sample queries for Advanced hunting in Microsoft 365 Defender ☆2,051 · Feb 17, 2022 · Updated 4 years ago
- This Repository gives the best and possible strategies against hunting the ransomware ☆26 · Aug 23, 2022 · Updated 3 years ago
- Analyses Azure AD users to make recommendations on how to improve each user's MFA configuration. Can target a group by ObjectId or analys… ☆55 · Oct 22, 2020 · Updated 5 years ago
- Microsoft Defender for macOS/Linux - config samples, auxiliary tools ☆257 · Feb 4, 2026 · Updated 3 weeks ago
- ☆78 · Feb 12, 2024 · Updated 2 years ago
- ☆31 · Feb 7, 2025 · Updated last year
- Defender Resource Hub ☆30 · Updated this week
- Sentinel Analytics Rule converter PowerShell module ☆65 · Updated this week
- ☆26 · Jun 22, 2022 · Updated 3 years ago
- reven2-scripts contains a set of REVEN scripts to automate timeless-analysis on REVEN traces. ☆30 · Aug 31, 2022 · Updated 3 years ago
- A module for interacting with the ConfigMgr AdminService ☆27 · Oct 20, 2023 · Updated 2 years ago
- This repository is used to store the Azure Information Protection Deployment Acceleration Guide ☆29 · May 31, 2019 · Updated 6 years ago