olafhartong / Sentinel-template-parser

Related projects ⓘ

Alternatives and complementary repositories for Sentinel-template-parser

• miladaslaner / AdvHuntingCheatSheet
  Microsoft Threat Protection Advance Hunting Cheat Sheet
  ☆78Updated 4 years ago
• humio / security_monitoring
  ☆40Updated last year
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆70Updated 2 weeks ago
• swisscom / PowerSponse
  PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.
  ☆38Updated 2 years ago
• jokezone / Update-Sysmon
  This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.
  ☆82Updated last year
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆16Updated last year
• olafhartong / WDACme
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆27Updated last year
• ajackal / ir_scripts
  incident response scripts
  ☆18Updated 5 years ago
• gmellini / Microsoft-Defender-Security-Center-Hunting-Queries
  Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…
  ☆36Updated 3 years ago
• maartengoet / notebooks
  Jupyter notebooks
  ☆22Updated 4 years ago
• DefensiveOrigins / DomainBuildScripts
  Build a domain with three quick PowerShell scripts!
  ☆28Updated 4 years ago
• zulu8 / Get-Baseline
  PowerShell Script for Agentless Incident Response
  ☆25Updated 6 years ago
• Cyb3rWard0g / azure-loganalytics-api-clients
  A few scripts I put together to send and receive data from an Azure Log Analytics workspace leveraging the Azure Monitor HTTP Data Collec…
  ☆23Updated last year
• sans-blue-team / sec555-wiki
  ☆77Updated 5 years ago
• pfpt-andrew / Rapid-Response-Reporting
  RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…
  ☆36Updated 2 years ago
• mikoiv / MicrosoftSentinel-ShodanMonitor
  Ingesting Shodan Monitor Alerts to Microsoft Sentinel
  ☆33Updated last year
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆38Updated 4 years ago
• chihebchebbi / Sentinel2Attack
  ☆14Updated 3 years ago
• DefensiveOrigins / Training
  Defensive Origins Training Schedule
  ☆35Updated 10 months ago
• petebryan / blue_team_con
  ☆17Updated 2 years ago
• johnfranolich / Hunting-Scripts
  A collection of hunting and blue team scripts. Mostly others, some my own.
  ☆38Updated last year
• dwmetz / PSHero
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆35Updated last year
• eshlomo1 / Azure-AD-Incident-Response
  Azure AD Incident Response
  ☆24Updated 3 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• dmb2168 / o365-appids
  ☆18Updated 3 years ago