Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report
☆29Oct 10, 2023Updated 2 years ago
Alternatives and similar repositories for mddrguidance
Users that are interested in mddrguidance are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Azure OpenAI Playbook created for Microsoft Sentinel☆13May 2, 2024Updated 2 years ago
- Sentinel Threat Intelligence Upload Toolkit☆18Jul 15, 2024Updated last year
- ☆13May 30, 2025Updated 11 months ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Nov 7, 2025Updated 6 months ago
- Ian Hanley's deceptively simple KQL queries.☆68Apr 10, 2026Updated last month
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries…☆30Aug 4, 2025Updated 9 months ago
- ☆61Jun 24, 2023Updated 2 years ago
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.☆133Feb 10, 2026Updated 3 months ago
- Config files for my GitHub profile.☆14May 7, 2023Updated 3 years ago
- KQL Queries☆41May 13, 2026Updated 2 weeks ago
- A repository for tracking events related to the MOVEit Transfer Cl0p Campaign☆72Jul 19, 2023Updated 2 years ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆69Apr 1, 2026Updated last month
- This repository contains various public projects created by the owners of Hybrid Brothers☆21Nov 3, 2023Updated 2 years ago
- Config files for my GitHub profile.☆26Apr 16, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Scripts to check for security issues with SSH keys and authorized_keys files on Linux and other Unix-like operating systems.☆23Sep 29, 2025Updated 8 months ago
- ResearchDev - XDR & SIEM Detection☆67Apr 16, 2025Updated last year
- ☆19Dec 18, 2024Updated last year
- Security Scripts and Sources for daily usage.☆75May 20, 2026Updated last week
- CIS & Azure Security Center Hardening recommendations implemented in PowerShell DSC from Azure Automation☆34Jun 10, 2021Updated 4 years ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆200May 15, 2026Updated 2 weeks ago
- Sentinel Analytics Rule converter PowerShell module☆69Feb 24, 2026Updated 3 months ago
- A small guide on Unknown/Orphaned SIDs and some PowerShell tools to help you get rid of them.☆21Apr 16, 2026Updated last month
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel☆239Feb 8, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆64May 12, 2024Updated 2 years ago
- ☆21Nov 23, 2022Updated 3 years ago
- Started this due to a viral reddit post request. Like most M365 admins, I used to hate my job—constant tickets, dumb requests, and bosses…☆10May 4, 2025Updated last year
- Cloud-native SIEM for intelligent security analytics for your entire enterprise.☆20Apr 4, 2023Updated 3 years ago
- Cover various security approaches to attack techniques and also provides new discoveries about security breaches.☆487Apr 17, 2025Updated last year
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆17Mar 13, 2026Updated 2 months ago
- multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data☆10Mar 14, 2023Updated 3 years ago
- Python-Based Log Analyzer That Detects Brute-Force Attacks, Directory Traversal, And Suspicious Behavior In System Or Web Server Logs. B…☆19Apr 30, 2025Updated last year
- Sophos Central PowerShell module☆12Jul 11, 2023Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- The repository for exam preparation for Microsoft 365 Certified: Enterprise Administrator Expert!☆14Apr 27, 2023Updated 3 years ago
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆120Jan 18, 2026Updated 4 months ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆82Sep 9, 2024Updated last year
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.☆491Nov 22, 2024Updated last year
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆20May 20, 2025Updated last year
- Manage Azure and Microsoft 365 with the Microsoft Graph PowerShell SDK!☆80Aug 29, 2024Updated last year
- Think of this PS-module as a helper for Microsoft Graph version-management, connectivity and data management using Microsoft Graph.☆15Apr 28, 2025Updated last year