kphillip1 / azure-soc-honeynetView external linksLinks
☆19Jun 3, 2024Updated last year
Alternatives and similar repositories for azure-soc-honeynet
Users that are interested in azure-soc-honeynet are comparing it to the libraries listed below
Sorting:
- These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…☆15Apr 10, 2024Updated last year
- This repository contains various threat hunting tools written in Python and is documented in the series Python Threat Hunting Tools which…☆18Nov 16, 2023Updated 2 years ago
- Troubleshooting MDE Workstations☆42Jan 7, 2026Updated last month
- This is a collection of scripts and tools I’ve put together to help make Microsoft Intune management a little easier and more efficient. …☆25Updated this week
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries…☆29Aug 4, 2025Updated 6 months ago
- A few scripts I put together to send and receive data from an Azure Log Analytics workspace leveraging the Azure Monitor HTTP Data Collec…☆22May 22, 2023Updated 2 years ago
- ☆72Feb 4, 2026Updated last week
- Advanced Threat Hunting: Ransomware Group☆29Jul 9, 2025Updated 7 months ago
- ☆32Jul 25, 2023Updated 2 years ago
- KQL queries for Advanced Hunting☆176Jan 16, 2020Updated 6 years ago
- ☆55Jan 19, 2026Updated 3 weeks ago
- Ian Hanley's deceptively simple KQL queries.☆68Dec 27, 2025Updated last month
- ☆59Jul 18, 2024Updated last year
- This community-driven platform provides detailed guides, scripts, and best practices for managing macOS devices through Intune.☆82Aug 28, 2025Updated 5 months ago
- Code included as part of the MustLearnKQL blog series☆1,146Jan 30, 2026Updated 2 weeks ago
- ☆85Feb 6, 2026Updated last week
- A collection of ARM-based detections for Azure/AzureAD based TTPs☆89Dec 12, 2023Updated 2 years ago
- This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC a…☆720Sep 23, 2024Updated last year
- This repository consists of two things. A script to setup a simple Hub/Spoke Azure network and simulated On-Premises environment. It also…☆75Nov 9, 2022Updated 3 years ago
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆115Jan 18, 2026Updated 3 weeks ago
- This repository is the central repository for all MicroHacks from customers, partners or Microsoft.☆152Updated this week
- Detecting Lateral Movement with Machine Learning☆139Oct 31, 2017Updated 8 years ago
- Additional Resources to improve Customer Experience with Microsoft Cloud App Security☆157Nov 28, 2022Updated 3 years ago
- Documentation and scripts to properly enable Windows event logs.☆672Oct 3, 2025Updated 4 months ago
- This repository is a public-facing source of information for FastTrack for Azure Live sessions.☆159Dec 6, 2024Updated last year
- Collection of KQL queries☆1,609Jan 29, 2026Updated 2 weeks ago
- MISP Playbooks☆222Oct 14, 2025Updated 4 months ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆214Updated this week
- Indicators of Compromise☆257Feb 9, 2026Updated last week
- The Intune-Toolkit offers a basic & user-friendly interface to connect to Microsoft Graph, manage policy assignments, and handle backup a…☆320Jan 30, 2026Updated 2 weeks ago
- ☆244Jan 23, 2025Updated last year
- Content and Labs on Azure Private Link☆309Feb 11, 2025Updated last year
- Building environments to replicate small networks and deploy applications☆330Jan 9, 2026Updated last month
- MISP trainings, threat intel and information sharing training materials with source code☆423Dec 17, 2025Updated 2 months ago
- Welcome to the Microsoft Defender for Cloud community repository☆1,872Jan 21, 2026Updated 3 weeks ago
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.☆484Nov 22, 2024Updated last year
- Microsoft Security Copilot is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders …☆603Sep 5, 2025Updated 5 months ago
- Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.☆586Jan 22, 2025Updated last year
- Terraform supermodule for the Terraform platform engineering for Azure☆579Mar 2, 2025Updated 11 months ago