Alternatives and similar repositories for msticpy-training

Users that are interested in msticpy-training are comparing it to the libraries listed below

• microsoft / msticpy-lab
  A lab environment for learning about MSTICPy
  ☆37Updated 2 years ago
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆39Updated 3 weeks ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆126Updated 5 years ago
• inodee / spl-to-kql
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆44Updated 4 years ago
• jangeisbauer / AdvancedHunting
  Advanced Hunting Queries for Microsoft Security Products
  ☆107Updated 2 years ago
• ugurkocde / KQL-Search
  ☆31Updated 2 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆73Updated 11 months ago
• microsoft / AzDetectSuite
  A collection of ARM-based detections for Azure/AzureAD based TTPs
  ☆88Updated last year
• alexverboon / DefenderResourceHub
  Defender Resource Hub
  ☆28Updated last month
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆41Updated 4 years ago
• msdirtbag / ADXFlowmaster
  ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
  ☆40Updated 11 months ago
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆32Updated 3 years ago
• le0li9ht / Microsoft-Sentinel-Queries
  KQL queries for cyber defense and for solving daily issues
  ☆52Updated 2 months ago
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆53Updated 2 years ago
• microsoft / msticnb
  MSTIC Notebook Components
  ☆32Updated last month
• rinure-msft / Azure-Sentinel
  Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  ☆20Updated 2 years ago
• secgroundzero / KQL_Reference_Manual
  ☆43Updated 4 years ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆100Updated 3 years ago
• YongRhee-MDE / LiveResponse
  M365 MDATP Live Response sample scripts
  ☆79Updated 11 months ago
• reprise99 / mddrguidance
  Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report
  ☆28Updated 2 years ago
• olafhartong / WDACme
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆29Updated 4 months ago
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆54Updated 2 years ago
• FalconForceTeam / FalconForge
  This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…
  ☆17Updated 2 years ago
• olafhartong / Sentinel-template-parser
  Azure Sentinel Template parser
  ☆16Updated 4 years ago
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆70Updated last year
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆16Updated 2 months ago
• Intellisec-Solutions / Sentinel2D3FEND
  This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…
  ☆73Updated 4 years ago
• malwarejake-public / conference-presentations
  Conference presentations
  ☆59Updated last month
• m4nbat / KustQueryLanguage_kql
  Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting
  ☆65Updated 6 months ago
• microsoft / mstic
  Microsoft Threat Intelligence
  ☆194Updated last week