microsoft / EventLogExpert
☆108 Updated 3 weeks ago
Related projects:
- A command line tool to explore real-time streams of events. ☆80 Updated last year
- ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory … ☆22 Updated last year
- PowerShell ETW consumer module ☆26 Updated 8 months ago
- Repository for public site hosting graph permissions ☆18 Updated this week
- Azure AD Identity Protection Cookie Spoofing ☆30 Updated last year
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆93 Updated 2 months ago
- Assess Azure Security State ☆37 Updated 7 months ago
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily ☆79 Updated last week
- Self-contained Hyper-V Active Directory Lab Environment ☆48 Updated last month
- KQL queries for cyber defense and for solving daily issues ☆42 Updated last month
- KQL example queries for working in Azure ☆32 Updated last month
- Collection of Microsoft Identity Threat Detection and Response resources. ☆31 Updated 3 weeks ago
- ☆40 Updated 11 months ago
- Simple GUI for Microsoft Defender for Endpoint API machine actions in PowerShell. ☆29 Updated last year
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product ☆74 Updated last week
- Check your Sentinel environment using Pester infrastructure tests ☆25 Updated 11 months ago
- KQL for Azure Resource Manager and AppID search ☆22 Updated last month
- Public content repo for ATA documentation in OPS ☆73 Updated this week
- Custom ADMX template focused on hardening Windows 10 systems ☆73 Updated 6 months ago
- Sentinel Analytics Rule converter PowerShell module ☆51 Updated last month
- PowerShell Module for managing Microsoft Defender Advanced Threat Protection ☆68 Updated last year
- A guide to using Azure Data Explorer and KQL for DFIR ☆94 Updated 2 years ago
- This project contains samples of how to use MDATP API for integration with other systems and products ☆26 Updated 4 years ago
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory! ☆20 Updated 3 weeks ago
- Microsoft Entra ID App Audit Solution (AADAppAudit) ☆78 Updated 3 weeks ago
- A WDAC configuration repository with the sole intention of enriching MDE ☆27 Updated last year
- Security Copilot resources ☆17 Updated last month
- Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources. ☆65 Updated last week
- Group Membership Management (GMM) is a service that dynamically manages the membership of AAD Groups. Groups managed by GMM can have the… ☆96 Updated 2 months ago
- Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more. ☆67 Updated last month