Alternatives and similar repositories for EventLogExpert:

Users that are interested in EventLogExpert are comparing it to the libraries listed below

• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆102Updated last month
• Beercow / OneDriveExplorer
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆188Updated last month
• MicrosoftDocs / defender-docs
  ☆40Updated this week
• merill / microsoft-info
  Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
  ☆100Updated this week
• Azure / MDTI-Solutions
  Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
  ☆78Updated 4 months ago
• reprise99 / kql-for-dfir
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆98Updated 2 years ago
• alexverboon / Hunting-Queries-Detection-Rules
  KQL Queries. Microsoft Defender, Microsoft Sentinel
  ☆117Updated last month
• f-bader / AzSentinelQueries
  Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.
  ☆78Updated last week
• LearningKijo / MDEtester
  MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.
  ☆188Updated 10 months ago
• JeffMichelmore / MDEKit
  ☆41Updated last year
• nathanmcnulty / nathanmcnulty
  ☆205Updated 2 weeks ago
• KnudsenMorten / ClientInspectorV2
  ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory …
  ☆24Updated last year
• msdirtbag / MDE-Quickstart
  MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore
  ☆66Updated 2 years ago
• Cloud-Architekt / AzureSentinel
  Sharing my KQL queries for Azure Sentinel
  ☆144Updated last month
• MHaggis / PowerShell-Hunter
  PowerShell tools to help defenders hunt smarter, hunt harder.
  ☆184Updated this week
• jakehildreth / BlueTuxedo
  A tiny tool to find and fix common misconfigurations in Active Directory-integrated DNS
  ☆107Updated this week
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆93Updated 4 months ago
• YongRhee-MDE / LiveResponse
  M365 MDATP Live Response sample scripts
  ☆65Updated 2 months ago
• le0li9ht / Microsoft-Sentinel-Queries
  KQL queries for cyber defense and for solving daily issues
  ☆46Updated 3 months ago
• evild3ad / Microsoft-Analyzer-Suite
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆388Updated last month
• anthonws / MDATP_PoSh_Scripts
  ☆48Updated 6 months ago
• Harvester57 / Security-ADMX
  Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
  ☆77Updated last month
• DanielChronlund / DCSecurityOperations
  A collection of Microsoft Sentinel workbooks and analytics rules.
  ☆104Updated 11 months ago
• jsa2 / AADAppAudit
  Microsoft Entra ID App Audit Solution (AADAppAudit)
  ☆80Updated 4 months ago
• ANSSI-FR / DFIR-O365RC
  PowerShell module for Office 365 and Azure log collection
  ☆253Updated 2 months ago
• AaronMargosis / Aaron-Margosis-SysNocturnals-Tools
  A set of troubleshooting, diagnostic, and information utilities for Windows
  ☆53Updated 2 months ago
• PwC-IR / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆259Updated 2 years ago
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆77Updated 2 months ago
• alexverboon / WindowsDefenderATP-Hunting-Queries
  Sample queries for Advanced hunting in Microsoft Defender ATP
  ☆37Updated 3 years ago
• jakehildreth / PowerPUG
  A tiny tool built to help AD Admins safely utilize the Protected Users group.
  ☆35Updated this week