ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
☆39Oct 30, 2024Updated last year
Alternatives and similar repositories for ADXFlowmaster
Users that are interested in ADXFlowmaster are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆22Aug 29, 2023Updated 2 years ago
- various tools for Microsoft Sentinel☆32Jun 26, 2025Updated 10 months ago
- ☆36Mar 23, 2024Updated 2 years ago
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆64May 12, 2024Updated last year
- Random Powershell scripts☆13Feb 13, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆37Mar 2, 2026Updated 2 months ago
- ☆45Apr 10, 2024Updated 2 years ago
- A platform for extracting and shipping security value from your data lake to Sentinel.☆36Sep 19, 2024Updated last year
- PowerShell-based Automation of Defender for Endpoint☆192Jul 3, 2025Updated 10 months ago
- PDump is a project for dumping leaked credentials from DEHASHED☆17Jan 21, 2024Updated 2 years ago
- Sentinel BEC IR☆14Aug 18, 2022Updated 3 years ago
- Tool for creating reports on Entra ID Role Assignments☆101Apr 12, 2024Updated 2 years ago
- Velociraptor Server hosted in Azure App Service☆58Jun 4, 2025Updated 11 months ago
- ☆19Dec 18, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID☆587Updated this week
- BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potentia…☆203Apr 10, 2026Updated 3 weeks ago
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…☆139Apr 24, 2026Updated last week
- A tool for fetching DFIR and other GitHub tools.☆27Aug 2, 2025Updated 9 months ago
- An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bice…☆44Updated this week
- MAES: M365 Analyzer & Extractor Suite Po☆36Apr 16, 2026Updated 2 weeks ago
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender☆21Nov 15, 2024Updated last year
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.☆489Nov 22, 2024Updated last year
- ☆12Oct 24, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆13Jan 24, 2026Updated 3 months ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆51Mar 2, 2022Updated 4 years ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore☆65Dec 26, 2022Updated 3 years ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Nov 7, 2025Updated 5 months ago
- MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It emp…☆79Apr 7, 2026Updated 3 weeks ago
- ☆30May 1, 2025Updated last year
- Hunting Queries for Defender ATP☆83Apr 1, 2026Updated last month
- Collection of Microsoft Identity Threat Detection and Response resources.☆54Updated this week
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆326Oct 12, 2025Updated 6 months ago
- MISP to Microsoft Defender integration☆17Feb 24, 2026Updated 2 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆54Oct 23, 2024Updated last year
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17May 11, 2025Updated 11 months ago
- This Module Helps to Scan a Commit History of a Repo for Leakage of Secrets☆15Apr 26, 2025Updated last year
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆195Feb 20, 2026Updated 2 months ago
- Sentinel Threat Intelligence Upload Toolkit☆18Jul 15, 2024Updated last year