microsoft / EventLogExpertLinks
☆215Updated 4 months ago
Alternatives and similar repositories for EventLogExpert
Users that are interested in EventLogExpert are comparing it to the libraries listed below
Sorting:
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC☆49Updated this week
- PowerShell module that intearacts with the VirusTotal service using a VirusTotal API (free)☆73Updated 2 weeks ago
- OneDrive log .ODL reader☆152Updated 11 months ago
- A set of troubleshooting, diagnostic, and information utilities (and useful scripts) for Windows☆67Updated 2 months ago
- Custom ADMX template focused on hardening Windows 10 & Windows 11 systems☆88Updated last week
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆243Updated last month
- A PowerShell module for incident response and threat hunting.☆35Updated last year
- ☆99Updated last week
- This module allows the creation of password expiry emails for users, managers, administrators, and security according to defined template…☆156Updated 6 months ago
- Microsoft Threat Intelligence☆194Updated 2 weeks ago
- ☆61Updated 2 years ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆78Updated last year
- Self-contained Hyper-V Active Directory Lab Environment☆60Updated 3 months ago
- A command line tool to explore real-time streams of events.☆87Updated 8 months ago
- Sysmon configuration file templates with advanced event tracing and blocking☆40Updated last month
- Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs☆91Updated 9 months ago
- ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory …☆25Updated 2 years ago
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily☆159Updated last week
- Collection of Microsoft Identity Threat Detection and Response resources.☆49Updated 2 weeks ago
- KQL queries for cyber defense and for solving daily issues☆52Updated 2 months ago
- A guide to using Azure Data Explorer and KQL for DFIR☆112Updated 3 years ago
- Search Index Database Reporter☆120Updated 11 months ago
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆191Updated last year
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆542Updated this week
- Sentinel Analytics Rule converter PowerShell module☆65Updated 9 months ago
- ☆40Updated 2 weeks ago
- This tool is designed to assist you in analyzing issues related to Defender for Endpoint on your local endpoint. It offers a centralized …☆71Updated 3 months ago
- PowerShell-based Automation of Defender for Endpoint☆175Updated 3 months ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆195Updated 2 years ago
- This repository lists all active Microsoft domains | no URLs and no sub-domains | for the purpose of Whitelisting in various systems and …☆35Updated last year