Random Powershell scripts
☆13 · Feb 13, 2024 · Updated 2 years ago
Alternatives and similar repositories for PoSH
Users that are interested in PoSH are comparing it to the libraries listed below
- KQL for Azure Resource Manager and AppID search ☆23 · Aug 15, 2024 · Updated last year
- Microsoft Defender Advanced Threat Protection ☆49 · Jan 28, 2026 · Updated last month
- ☆45 · May 9, 2023 · Updated 2 years ago
- A WDAC configuration repository with the sole intention of enriching MDE ☆30 · Jun 18, 2025 · Updated 8 months ago
- ☆50 · Jul 7, 2024 · Updated last year
- Microsoft Cloud App Security labs ☆14 · Dec 17, 2018 · Updated 7 years ago
- GitHub action for validating Microsoft Sentinel detection rules ☆14 · May 22, 2023 · Updated 2 years ago
- ☆18 · Jun 4, 2025 · Updated 8 months ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin… ☆17 · Mar 10, 2023 · Updated 2 years ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure. ☆40 · Oct 30, 2024 · Updated last year
- MS Entra ID Protection Guidance ☆22 · Apr 2, 2024 · Updated last year
- ☆19 · Sep 3, 2021 · Updated 4 years ago
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory! ☆21 · Aug 23, 2024 · Updated last year
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆119 · Aug 19, 2025 · Updated 6 months ago
- Config files for my GitHub profile. ☆10 · Oct 24, 2025 · Updated 4 months ago
- ☆89 · Dec 5, 2023 · Updated 2 years ago
- ☆38 · Dec 11, 2024 · Updated last year
- ☆32 · Aug 3, 2022 · Updated 3 years ago
- M365 MDATP Live Response sample scripts ☆82 · Nov 1, 2024 · Updated last year
- ☆85 · Feb 6, 2026 · Updated 3 weeks ago
- Overview of MS Defender ☆106 · Feb 20, 2026 · Updated last week
- You wonder how to manage your travelers? In this scenario we describe how to manage them with Identity Governance and Conditional Access… ☆11 · Mar 20, 2024 · Updated last year
- MSTIC Notebook Components ☆35 · Sep 4, 2025 · Updated 5 months ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product ☆80 · Sep 9, 2024 · Updated last year
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas. ☆51 · Sep 22, 2025 · Updated 5 months ago
- ☆14 · Feb 6, 2026 · Updated 3 weeks ago
- MISP to Microsoft Defender integration ☆16 · Updated this week
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD ☆10 · Nov 7, 2023 · Updated 2 years ago
- This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It… ☆14 · Jul 20, 2025 · Updated 7 months ago
- KQL queries for Microsoft Defender Advanced Hunting organized around the TTPs of the MITRE ATT&CK framework. ☆18 · Nov 7, 2024 · Updated last year
- ☆43 · Oct 11, 2023 · Updated 2 years ago
- service to convert nfcapd files clickhouse as they are created ☆10 · Mar 22, 2025 · Updated 11 months ago
- Azure function that processes incoming notifications from the O365 Activity API ☆50 · Dec 3, 2025 · Updated 2 months ago
- EasyPIM lets you manage PIM Azure Resource, Entra Role and Groups settings and assignments with simplicity ☆220 · Feb 13, 2026 · Updated 2 weeks ago
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… ☆10 · Dec 22, 2023 · Updated 2 years ago
- ☆12 · Updated this week
- ☆14 · Jan 18, 2020 · Updated 6 years ago
- MP3Tag scripts for pulling data from Metal Archives ☆12 · May 17, 2025 · Updated 9 months ago
- Script to gather Auditpol data forest wide as well as various other Audit Metadata from DC's, Servers and Workstations. ☆12 · Jul 6, 2017 · Updated 8 years ago