microsoft / EventLogExpertLinks
☆212Updated 3 months ago
Alternatives and similar repositories for EventLogExpert
Users that are interested in EventLogExpert are comparing it to the libraries listed below
Sorting:
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC☆48Updated this week
- A set of troubleshooting, diagnostic, and information utilities (and useful scripts) for Windows☆67Updated 3 weeks ago
- Custom ADMX template focused on hardening Windows 10 & Windows 11 systems☆88Updated last week
- ☆95Updated this week
- PowerShell module that intearacts with the VirusTotal service using a VirusTotal API (free)☆63Updated 3 weeks ago
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆244Updated this week
- This module allows the creation of password expiry emails for users, managers, administrators, and security according to defined template…☆156Updated 4 months ago
- Sysmon configuration file templates with advanced event tracing and blocking☆41Updated last week
- OneDrive log .ODL reader☆146Updated 10 months ago
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily☆153Updated this week
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆191Updated last year
- A PowerShell module for incident response and threat hunting.☆34Updated last year
- A command line tool to explore real-time streams of events.☆88Updated 6 months ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)☆264Updated 3 years ago
- ☆61Updated 2 years ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆79Updated last year
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆519Updated last month
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…☆214Updated 2 months ago
- C# based evtx parser with lots of extras☆323Updated last week
- Collection of Microsoft Identity Threat Detection and Response resources.☆49Updated last week
- ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory …☆25Updated 2 years ago
- A guide to using Azure Data Explorer and KQL for DFIR☆112Updated 3 years ago
- KQL queries for cyber defense and for solving daily issues☆53Updated last month
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc…☆441Updated 2 years ago
- This tool is designed to assist you in analyzing issues related to Defender for Endpoint on your local endpoint. It offers a centralized …☆69Updated 2 months ago
- Microsoft Threat Intelligence☆191Updated last week
- Intune managed Secured workstation☆250Updated last year
- Self-contained Hyper-V Active Directory Lab Environment☆59Updated 2 months ago
- A collection of Microsoft Sentinel workbooks and analytics rules.☆109Updated last year
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆179Updated last week