microsoft / Scalable-Infrastructure-for-Investigation-and-Incident-ResponseLinks
Powershell Scripts to automatically deploy an image of a prebuilt VM (up-to-date and with pre-deployed tools and apps) to every region you require.
☆19Updated 2 years ago
Alternatives and similar repositories for Scalable-Infrastructure-for-Investigation-and-Incident-Response
Users that are interested in Scalable-Infrastructure-for-Investigation-and-Incident-Response are comparing it to the libraries listed below
Sorting:
- Tools to create a Native Windows Audit Collection Platform. Active Directory example provided☆78Updated 6 years ago
- Simple GUI for Microsoft Defender for Endpoint API machine actions in PowerShell.☆39Updated 2 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆44Updated 3 months ago
- This repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommen…☆51Updated 3 months ago
- This repository is for a beginners PowerShell training course I am holding in central Missouri.☆20Updated 8 years ago
- Automation around Entra ID☆38Updated 5 months ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆41Updated 5 years ago
- A Windows PowerShell & PowerShell Core Module to calculate a CVSS3 Score based on a Vector string☆12Updated 3 years ago
- KQL example queries for working in Azure☆35Updated 3 weeks ago
- Advanced Hunting Queries for Microsoft Security Products☆108Updated 2 years ago
- Azure AD Incident Response☆26Updated 4 years ago
- M365 MDATP Live Response sample scripts☆82Updated last year
- ☆31Updated 2 years ago
- Solution to deploy a Sentinel playground demo environment☆57Updated 2 years ago
- Collection of Microsoft Identity Threat Detection and Response resources.☆51Updated 3 weeks ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆39Updated 4 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆39Updated 3 years ago
- MCP Server that integrates with Security Copilot, Sentinel and other tools (in the future). It enhance the process of developing , testin…☆19Updated 2 months ago
- ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory …☆25Updated 2 years ago
- ☆19Updated 4 years ago
- PowerShell Module for managing Microsoft Defender Advanced Threat Protection☆74Updated 3 years ago
- Cloud-native SIEM for intelligent security analytics for your entire enterprise.☆20Updated 2 years ago
- Microsoft 365 Defender Hunting via PowerShell.☆14Updated 3 years ago
- Little PowerShell module to extract PowerShell scripts that no longer exists on disk but were run and are still in Event Logs.☆39Updated 4 years ago
- Defender for Endpoint☆28Updated last year
- ☆22Updated 2 years ago
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report☆28Updated 2 years ago
- Workbooks for Azure Sentinel☆62Updated 2 years ago
- Public content repo for ATA documentation in OPS☆75Updated 10 months ago
- AppLocker hardening policies☆26Updated 7 years ago