Alternatives and similar repositories for Azure-AD-Incident-Response

Users that are interested in Azure-AD-Incident-Response are comparing it to the libraries listed below

• eshlomo1 / Microsoft-Sentinel-SecOps

  View on GitHub
  Microsoft Sentinel SOC Operations
  ☆264Jul 10, 2024Updated last year
• XanthusSecurity / memparse

  View on GitHub
  ☆14Jan 18, 2020Updated 6 years ago
• DamonMohammadbagher / NativePayload_TiACBT

  View on GitHub
  NativePayload_TiACBT (Remote Thread Injection + C# Async Method + CallBack Functions Technique)
  ☆13Jun 6, 2023Updated 2 years ago
• eshlomo1 / Ransomware-NOTE

  View on GitHub
  All about ransomware notes and extension files.
  ☆14Aug 26, 2023Updated 2 years ago
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting

  View on GitHub
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆14Aug 15, 2022Updated 3 years ago
• vavarachen / volatility_automation

  View on GitHub
  A tool to automate memory dump processing using Volatility, including optional Splunk integration.
  ☆12Jul 29, 2020Updated 5 years ago
• curi0usJack / psfire

  View on GitHub
  simple demo of using C# & System.Management.Automation.dll to run powershell code (b64 encoded) without powershell.exe
  ☆14Mar 29, 2017Updated 8 years ago
• WillOram / AzureAD-incident-response

  View on GitHub
  Notes on responding to security breaches relating to Azure AD
  ☆120Mar 14, 2022Updated 3 years ago
• conix-security / debug_inject

  View on GitHub
  Shellcode injection using debugging APIs
  ☆19Jan 13, 2014Updated 12 years ago
• Cyb3r-Monk / Cheat-Sheets

  View on GitHub
  Cheat sheets for threat hunting, detection and other stuff.
  ☆34Oct 7, 2022Updated 3 years ago
• Sebmolendijk / mcas-labs

  View on GitHub
  Microsoft Cloud App Security labs
  ☆14Dec 17, 2018Updated 7 years ago
• chandunsa / IRP

  View on GitHub
  Incident Response Playbooks
  ☆15Jun 10, 2019Updated 6 years ago
• petebryan / blue_team_con

  View on GitHub
  ☆17Aug 27, 2022Updated 3 years ago
• PinkNoize / shelf-loader-poc

  View on GitHub
  ☆12Dec 2, 2021Updated 4 years ago
• DamonMohammadbagher / ETWNetMonv3

  View on GitHub
  ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima…
  ☆41Jun 6, 2023Updated 2 years ago
• FalconForceTeam / FalconForge

  View on GitHub
  This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…
  ☆17Mar 10, 2023Updated 2 years ago
• eshlomo1 / MS-Defender-4-xOPS

  View on GitHub
  ☆17Jul 20, 2024Updated last year
• diljith369 / OffensiveVLang

  View on GitHub
  Offensive V Programming
  ☆18Nov 3, 2021Updated 4 years ago
• jsecu / 7DaysofRed

  View on GitHub
  7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal
  ☆18Apr 17, 2021Updated 4 years ago
• MII-Cybersec / Threat-Hunting-Notebook

  View on GitHub
  Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes
  ☆22Jun 15, 2022Updated 3 years ago
• AustralianCyberSecurityCentre / constellation_cyber_plugins

  View on GitHub
  The ACSC CyberTools Plugins are build upon the functionality of the Constellation data visualisation platform to deliver enrichments suit…
  ☆24Jul 26, 2023Updated 2 years ago
• 0xC0D1F1ED / cpp_vs_payload_template

  View on GitHub
  Visual Studio (C++) Solution Template for Payloads
  ☆18Oct 30, 2019Updated 6 years ago
• jsa2 / kql

  View on GitHub
  KQL for Azure Resource Manager and AppID search
  ☆23Aug 15, 2024Updated last year
• h4xu3lyn / NTLib

  View on GitHub
  Headers for linking your software with ntdll.dll
  ☆15Nov 4, 2020Updated 5 years ago
• rasta-mouse / AsyncNamedPipes

  View on GitHub
  Send and receive messages over Named Pipes asynchronously.
  ☆39Sep 17, 2021Updated 4 years ago
• microsoft / ASDET

  View on GitHub
  ☆19Sep 3, 2021Updated 4 years ago
• CyberSecurityUP / AWS-Cloud-Practicioner-Notes

  View on GitHub
  ☆16Jul 19, 2021Updated 4 years ago
• AndrewRathbun / EventTranscript.db-Research

  View on GitHub
  A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.
  ☆43Jul 18, 2022Updated 3 years ago
• freesoul / netstub

  View on GitHub
  Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.
  ☆17Sep 29, 2018Updated 7 years ago
• malcomvetter / SneakyService

  View on GitHub
  A simple, minimal C# windows service implementation that can be used to demonstrate privilege escalation from misconfigured windows servi…
  ☆16Sep 4, 2015Updated 10 years ago
• rallyspeed / Azure-CIS

  View on GitHub
  Automate Azure subscription check against CIS Benchmark
  ☆22Jun 29, 2018Updated 7 years ago
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW

  View on GitHub
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆51Mar 2, 2022Updated 3 years ago
• kcyerrid / CTI

  View on GitHub
  Cyber Threat Intelligence
  ☆74Dec 7, 2025Updated 2 months ago
• v-byte-cpu / juicyrout

  View on GitHub
  Phishing Reverse Proxy with MFA bypass
  ☆17Jan 28, 2023Updated 3 years ago
• lieff / dynobj

  View on GitHub
  Dynamic COFF object loader
  ☆23Jun 29, 2018Updated 7 years ago
• 0x4D31 / Presentations

  View on GitHub
  Some of the presentations given by me
  ☆19Aug 8, 2025Updated 6 months ago
• dievus / Firefox-Dumper

  View on GitHub
  Tool to transfer credential files from Firefox to your local machine to decrypt offline.
  ☆22Nov 20, 2021Updated 4 years ago
• nisargsuthar / Veritas

  View on GitHub
  A hex viewer for the sleuths!
  ☆20Nov 7, 2025Updated 3 months ago
• elysiumsecurityltd / IRM

  View on GitHub
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆24Dec 16, 2021Updated 4 years ago