Alternatives and similar repositories for MDE-Quickstart

Users that are interested in MDE-Quickstart are comparing it to the libraries listed below

• msdirtbag / MDC-Quickstart

  View on GitHub
  Rapid MDC deployments
  ☆22Jan 5, 2024Updated 2 years ago
• DATCResearch / Sentinel-UseCase-BEC365-IR

  View on GitHub
  Sentinel BEC IR
  ☆14Aug 18, 2022Updated 3 years ago
• JeffMichelmore / MDEKit

  View on GitHub
  ☆42Oct 11, 2023Updated 2 years ago
• Ccmexec / Intune-MEM

  View on GitHub
  ☆34Jan 29, 2025Updated last year
• olafhartong / MDE-AuditCheck

  View on GitHub
  MDE relies on some of the Audit settings to be enabled
  ☆100Jul 15, 2022Updated 3 years ago
• LearningKijo / KQL

  View on GitHub
  Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
  ☆484Nov 22, 2024Updated last year
• Cyberlorians / Articles

  View on GitHub
  ☆54Updated this week
• jseerden / IntuneBackupAndRestore

  View on GitHub
  PowerShell Module that queries Microsoft Graph, and allows for cross-tenant Backup & Restore actions of your Intune Configuration.
  ☆427Dec 16, 2025Updated last month
• DevClate / Custom-Maester-Tests

  View on GitHub
  ☆30Feb 7, 2025Updated last year
• msdirtbag / ADXFlowmaster

  View on GitHub
  ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
  ☆40Oct 30, 2024Updated last year
• briandelmsft / SentinelAutomationModules

  View on GitHub
  The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel
  ☆277Jan 2, 2026Updated last month
• f-bader / SentinelARConverter

  View on GitHub
  Sentinel Analytics Rule converter PowerShell module
  ☆65Dec 17, 2025Updated last month
• mystak23 / Sentinel_Deployment

  View on GitHub
  Automatic Microsoft Sentinel Deployment
  ☆16Apr 1, 2025Updated 10 months ago
• DanielChronlund / DCToolbox

  View on GitHub
  Tools for Microsoft cloud fans
  ☆372Nov 26, 2024Updated last year
• siriussecurity / dettectinator

  View on GitHub
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆119Jan 22, 2026Updated 3 weeks ago
• Cloud-Architekt / AzureAD-Attack-Defense

  View on GitHub
  This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …
  ☆2,468Dec 31, 2025Updated last month
• thalpius / Microsoft-Defender-for-Identity-Configuration-Checker

  View on GitHub
  ☆45May 9, 2023Updated 2 years ago
• Cloud-Architekt / EntraOps

  View on GitHub
  Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)
  ☆198Feb 6, 2026Updated last week
• oloruntolaallbert / MS-Attack-Range

  View on GitHub
  An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…
  ☆61Jul 27, 2025Updated 6 months ago
• nicolonsky / AzureADGuestReview

  View on GitHub
  Automated review process for your Azure AD guest accounts.
  ☆17Sep 22, 2020Updated 5 years ago
• msdirtbag / mde

  View on GitHub
  Defender for Endpoint
  ☆18Mar 11, 2024Updated last year
• h0ffayyy / MicrosoftSentinelStuff

  View on GitHub
  Misc. content for Microsoft Sentinel
  ☆18Apr 12, 2024Updated last year
• microsoft / MSEntraIDProtectionGuidance

  View on GitHub
  MS Entra ID Protection Guidance
  ☆22Apr 2, 2024Updated last year
• Fortigi / ConditionalAccess

  View on GitHub
  ☆21Mar 8, 2021Updated 4 years ago
• silverhack / monkey365

  View on GitHub
  Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft E…
  ☆1,231Feb 4, 2026Updated last week
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite

  View on GitHub
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆573Dec 6, 2025Updated 2 months ago
• jsa2 / caOptics

  View on GitHub
  CA Optics - Azure AD Conditional Access Gap Analyzer
  ☆334Aug 28, 2024Updated last year
• reprise99 / kql-for-dfir

  View on GitHub
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆124May 16, 2022Updated 3 years ago
• almenscorner / IntuneCD

  View on GitHub
  Tool to backup, update and document configurations in Intune
  ☆369Jun 13, 2025Updated 8 months ago
• reprise99 / awesome-kql-sentinel

  View on GitHub
  A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
  ☆240Feb 8, 2023Updated 3 years ago
• microsoft / Intune-ACSC-Windows-Hardening-Guidelines

  View on GitHub
  Collection of Intune policies that could assist with implementing ACSC's Windows hardening guidance.
  ☆322Apr 26, 2024Updated last year
• AlrikRr / ActiveDirectory_Lab

  View on GitHub
  Active DIrectory Lab for Pentesting Practice
  ☆24Aug 9, 2022Updated 3 years ago
• ionsec / maes-platform

  View on GitHub
  MAES: M365 Analyzer & Extractor Suite Po
  ☆33Updated this week
• R33Dfield / WindowsHardening

  View on GitHub
  Intune configuration files for Windows 10 and 11 hardening
  ☆126Dec 4, 2023Updated 2 years ago
• tugich / WinAutopilotImport

  View on GitHub
  This tool provides a simple GUI for registering your Windows device with Windows Autopilot.
  ☆45Aug 12, 2024Updated last year
• arindam0310018 / 24-Feb-2023-Microsoft-Graph-Powershell_Create-Catalog-AccessPackage-Roles-Policies

  View on GitHub
  Automate Entitlement Management in Azure AD Identity Governance using Microsoft Graph Powershell
  ☆15Sep 13, 2023Updated 2 years ago
• microsoft / ConditionalAccessforZeroTrustResources

  View on GitHub
  ConditionalAccessforZeroTrustResources holding resources for Azure AD CA guidance for Zero Trust
  ☆197Apr 2, 2024Updated last year
• LuemmelSec / Custom-BloodHound-Queries

  View on GitHub
  ☆184Dec 4, 2024Updated last year
• Kaidja / Defender-for-Endpoint

  View on GitHub
  Defender for Endpoint
  ☆28Jul 12, 2024Updated last year