Visualize Microsoft Defender XDR process trees and security events
☆33 · Aug 24, 2025 · Updated 6 months ago
Alternatives and similar repositories for XDRStoryParser
Users that are interested in XDRStoryParser are comparing it to the libraries listed below
- Manage and maintain Defender XDR custom collection configuration☆33Nov 19, 2025Updated 3 months ago
- Automated Phishing Tool☆11May 27, 2020Updated 5 years ago
- MSIX Building Made Easy for Defenders☆59Aug 25, 2025Updated 6 months ago
- KQL queries for Incident Response☆14Oct 31, 2023Updated 2 years ago
- This is my attempt at creating "container" based solutions, where every folder is a solution to a question, problem or business need that…☆17Jan 31, 2025Updated last year
- Links to malware-related YARA rules☆15Sep 29, 2022Updated 3 years ago
- Security Scripts and Sources for daily usage.☆69Jan 25, 2026Updated last month
- ☆19Jul 21, 2022Updated 3 years ago
- Adversary Simulation Framework☆38Aug 19, 2025Updated 6 months ago
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect…☆77Feb 10, 2026Updated 3 weeks ago
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques☆95Dec 28, 2025Updated 2 months ago
- This GitHub repository contains lessons for developing Microsoft Security CoPilot plugins☆19May 15, 2024Updated last year
- ☆23Dec 15, 2022Updated 3 years ago
- Persist like a Dodder☆68May 19, 2025Updated 9 months ago
- ☆19Oct 23, 2020Updated 5 years ago
- Config files for my GitHub profile.☆18Apr 8, 2025Updated 10 months ago
- Cybersecurity Architects Handbook, published by Packt☆27Mar 27, 2024Updated last year
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆277Dec 20, 2025Updated 2 months ago
- A python script to create a fake GitHub runner and hijack pipeline jobs to leak CI/CD secrets.☆28Oct 13, 2024Updated last year
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆832Updated this week
- Guidance and collateral for troubleshooting and managing Azure Sentinel data costs.☆28Oct 9, 2023Updated 2 years ago
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆192Dec 20, 2024Updated last year
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆194Feb 20, 2026Updated last week
- Discover a curated collection of scripts for Microsoft Azure and Microsoft 365 in this repository. Tailored for efficiency and automation…☆35Oct 21, 2025Updated 4 months ago
- A curated collection of DFIR skills and workflows for InfoSec practitioners.☆251Feb 8, 2026Updated 3 weeks ago
- ☆31Sep 4, 2023Updated 2 years ago
- M365 MDATP Live Response sample scripts☆82Nov 1, 2024Updated last year
- Overview of MS Defender☆106Feb 20, 2026Updated last week
- ZAPISEC WAF-Copilot is an automated AI-powered security framework for web applications with a focus on highly configurable streamlined vu…☆21Oct 6, 2025Updated 4 months ago
- ☆85Feb 6, 2026Updated 3 weeks ago
- Content Repo for Demystifying KQL Tutorial Series☆72Sep 1, 2024Updated last year
- Azure AD Identity Protection Cookie Spoofing☆35Sep 2, 2023Updated 2 years ago
- AIL project training materials☆39Feb 24, 2026Updated last week
- Card Payments Simulation Tool For Indie Devs : Core Card Switch Engine, Fraud Engine, ATM/POS GUI Simulator , Admin Dash (Real-time MSG …☆19Jun 15, 2025Updated 8 months ago
- A framework for backdooring Microsoft Nuget packages.☆10Jan 9, 2024Updated 2 years ago
- Perform file-based malware scan on your on-prem servers with AWS☆14Oct 31, 2023Updated 2 years ago
- Code examples from my book and class, PowerShell for Systems Engineers.☆11Jan 6, 2023Updated 3 years ago
- Convert Confluence MIME exports (.doc) to clean Markdown☆34Jan 13, 2026Updated last month
- Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them☆19Updated this week