cudeso / misp2sentinelView external linksLinks
MISP to Sentinel integration
☆79Feb 6, 2026Updated last week
Alternatives and similar repositories for misp2sentinel
Users that are interested in misp2sentinel are comparing it to the libraries listed below
Sorting:
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆16Updated this week
- Cleanup of older MISP events can require some work until now☆27Sep 13, 2025Updated 5 months ago
- ☆11Mar 16, 2023Updated 2 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆16Aug 24, 2022Updated 3 years ago
- Interface LLMs from within MISP to extract TTPs and threat intel from CTI reports☆18Nov 13, 2023Updated 2 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 3 years ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,634Updated this week
- KQL queries for cyber defense and for solving daily issues☆55Jul 28, 2025Updated 6 months ago
- ☆22Aug 29, 2023Updated 2 years ago
- MISP Playbooks☆222Oct 14, 2025Updated 3 months ago
- MISP to Microsoft Defender integration☆16Feb 6, 2026Updated last week
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- ☆67Jan 20, 2026Updated 3 weeks ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆194Dec 22, 2025Updated last month
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆754Aug 28, 2025Updated 5 months ago
- Automation with SSH for Hacking☆10Jan 28, 2025Updated last year
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Dec 22, 2023Updated 2 years ago
- Script en bash de Nmap que se puede personalizar para ajustar el escaneo a tus necesidades.☆12Jul 20, 2024Updated last year
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.☆132Updated this week
- Content Repo for Demystifying KQL Tutorial Series☆72Sep 1, 2024Updated last year
- ☆54Updated this week
- ☆13Feb 18, 2024Updated last year
- Create a Word document showing your Sentinel configuration☆14Nov 7, 2023Updated 2 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆44Nov 7, 2020Updated 5 years ago
- Comprehensive adversary emulation tool for security testing on Google Cloud Platform (GCP) environments.☆14Jun 14, 2024Updated last year
- Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace☆24Jul 19, 2023Updated 2 years ago
- Rules generated from our investigations.☆203Jun 17, 2025Updated 7 months ago
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆59Apr 9, 2025Updated 10 months ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆61Jul 27, 2025Updated 6 months ago
- This is a public repository to help those trying to learn Azure content and certifications to better understand the concepts and have a c…☆32Sep 28, 2023Updated 2 years ago
- ☆30May 1, 2025Updated 9 months ago
- MCP to help Defenders Detection Engineer Harder and Smarter☆231Feb 4, 2026Updated last week
- ☆20Apr 10, 2025Updated 10 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Azure OpenAI Playbook created for Microsoft Sentinel☆13May 2, 2024Updated last year
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Jan 8, 2026Updated last month
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆13Jan 24, 2026Updated 2 weeks ago
- A web scraper to create MISP events and reports☆17Jun 30, 2025Updated 7 months ago
- The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…☆13Sep 21, 2025Updated 4 months ago