ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
☆39Oct 30, 2024Updated last year
Alternatives and similar repositories for ADXFlowmaster
Users that are interested in ADXFlowmaster are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆22Aug 29, 2023Updated 2 years ago
- various tools for Microsoft Sentinel☆32Jun 17, 2026Updated 2 weeks ago
- ☆36Mar 23, 2024Updated 2 years ago
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆66May 12, 2024Updated 2 years ago
- Random Powershell scripts☆13Feb 13, 2024Updated 2 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆38Mar 2, 2026Updated 4 months ago
- ☆45Apr 10, 2024Updated 2 years ago
- A platform for extracting and shipping security value from your data lake to Sentinel.☆36Sep 19, 2024Updated last year
- PowerShell-based Automation of Defender for Endpoint☆195Jul 3, 2025Updated last year
- PDump is a project for dumping leaked credentials from DEHASHED☆17Jan 21, 2024Updated 2 years ago
- Sentinel BEC IR☆14Aug 18, 2022Updated 3 years ago
- Tool for creating reports on Entra ID Role Assignments☆101Apr 12, 2024Updated 2 years ago
- Velociraptor Server hosted in Azure App Service☆59Jun 4, 2025Updated last year
- ☆19Dec 18, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆637Jun 20, 2026Updated 2 weeks ago
- BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potentia…☆203Jun 24, 2026Updated last week
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…☆140Jun 24, 2026Updated last week
- A tool for fetching DFIR and other GitHub tools.☆29Aug 2, 2025Updated 11 months ago
- An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bice…☆58Jun 3, 2026Updated last month
- MAES: M365 Analyzer & Extractor Suite Po☆37May 4, 2026Updated 2 months ago
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender☆22Nov 15, 2024Updated last year
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.☆492Nov 22, 2024Updated last year
- ☆12Oct 24, 2022Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆13Jan 24, 2026Updated 5 months ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆51Mar 2, 2022Updated 4 years ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore☆65Dec 26, 2022Updated 3 years ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Jun 9, 2026Updated 3 weeks ago
- MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It emp…☆79Apr 7, 2026Updated 2 months ago
- ☆30May 1, 2025Updated last year
- Collection of Microsoft Identity Threat Detection and Response resources.☆54Jun 1, 2026Updated last month
- Hunting Queries for Defender ATP☆84Apr 1, 2026Updated 3 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- MISP to Microsoft Defender integration☆17Jun 19, 2026Updated 2 weeks ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆329Oct 12, 2025Updated 8 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆54Oct 23, 2024Updated last year
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated last year
- This Module Helps to Scan a Commit History of a Repo for Leakage of Secrets☆15Apr 26, 2025Updated last year
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆195Feb 20, 2026Updated 4 months ago
- Sentinel Threat Intelligence Upload Toolkit☆18Jul 15, 2024Updated last year