msdirtbag / azurevelo
Velociraptor Server hosted in Azure App Service
☆59, Jun 4, 2025, updated 8 months ago
Alternatives and similar repositories for azurevelo
Users interested in azurevelo are comparing it to the repositories listed below
- PowerShell-based Automation of Defender for Endpoint (☆184, Jul 3, 2025, updated 7 months ago)
- ☆42, Oct 11, 2023, updated 2 years ago
- Hunting Queries for Defender ATP (☆83, Dec 14, 2025, updated 2 months ago)
- Anteater is a reconnaissance tool for discovering interesting files and folders in a web application that most likely has been misconfigure… (☆13, Jun 12, 2024, updated last year)
- ☆22, Aug 29, 2023, updated 2 years ago
- Azure AiTM Function PoC to phish Entra ID credentials (☆28, Nov 21, 2025, updated 2 months ago)
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr… (☆61, Jul 27, 2025, updated 6 months ago)
- Sentinel Threat Intelligence Upload Toolkit (☆18, Jul 15, 2024, updated last year)
- Manage and maintain Defender XDR custom collection configuration (☆33, Nov 19, 2025, updated 2 months ago)
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more. (☆115, Jan 18, 2026, updated 3 weeks ago)
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries… (☆29, Aug 4, 2025, updated 6 months ago)
- ☆35, Mar 23, 2024, updated last year
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as … (☆421, Aug 10, 2025, updated 6 months ago)
- ☆28, Oct 15, 2025, updated 4 months ago
- Solutions developed by the MDEASM Customer Experience Engineering (CxE) Go-To Production (GTP) team for Azure MDEASM (☆29, Feb 3, 2025, updated last year)
- A preconfigured Velociraptor triage collector (☆75, updated this week)
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting (☆68, Dec 7, 2025, updated 2 months ago)
- This repository contains various public projects created by the owners of Hybrid Brothers (☆21, Nov 3, 2023, updated 2 years ago)
- Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs (☆92, Jan 23, 2025, updated last year)
- Sigma rules to share with the community (☆124, Jan 29, 2025, updated last year)
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD (☆10, Nov 7, 2023, updated 2 years ago)
- This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It… (☆14, Jul 20, 2025, updated 6 months ago)
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs. (☆52, Apr 22, 2025, updated 9 months ago)
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure. (☆40, Oct 30, 2024, updated last year)
- Repo for experimenting and testing MCP server builds for CTI-related research. (☆27, May 13, 2025, updated 9 months ago)
- A Shodan-based tool to discover publicly exposed Ollama instances and list available LLM models. (☆20, May 27, 2025, updated 8 months ago)
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel (☆16, updated this week)
- Generate test data that is not only realistic but also contextually meaningful (☆27, Jun 30, 2023, updated 2 years ago)
- Client-side Encrypted Upload Server Python Script (☆66, Jul 10, 2025, updated 7 months ago)
- PowerShell Digital Forensics & Incident Response Scripts. (☆766, Jan 14, 2026, updated last month)
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID (☆574, Dec 6, 2025, updated 2 months ago)
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… (☆1,634, updated this week)
- Scripts for ready-to-use Velociraptor instance deployment in Azure (☆14, Jun 27, 2023, updated 2 years ago)
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions. (☆22, Dec 31, 2025, updated last month)
- Hundred Days of Yara Challenge (☆12, Jun 21, 2022, updated 3 years ago)
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo… (☆19, May 20, 2025, updated 8 months ago)
- An API connector for the Office 365 Management API and the Elastic Stack (☆20, Aug 9, 2018, updated 7 years ago)
- Create a Word document showing your Sentinel configuration (☆14, Nov 7, 2023, updated 2 years ago)
- ☆373, Feb 8, 2026, updated last week