Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report
☆29Oct 10, 2023Updated 2 years ago
Alternatives and similar repositories for mddrguidance
Users that are interested in mddrguidance are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Azure OpenAI Playbook created for Microsoft Sentinel☆13May 2, 2024Updated 2 years ago
- Sentinel Threat Intelligence Upload Toolkit☆18Jul 15, 2024Updated last year
- ☆13May 30, 2025Updated 11 months ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Nov 7, 2025Updated 6 months ago
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries…☆30Aug 4, 2025Updated 9 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆61Jun 24, 2023Updated 2 years ago
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.☆133Feb 10, 2026Updated 2 months ago
- Config files for my GitHub profile.☆14May 7, 2023Updated 3 years ago
- KQL Queries☆39May 1, 2026Updated last week
- A repository for tracking events related to the MOVEit Transfer Cl0p Campaign☆71Jul 19, 2023Updated 2 years ago
- PDump is a project for dumping leaked credentials from DEHASHED☆17Jan 21, 2024Updated 2 years ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆69Apr 1, 2026Updated last month
- This repository contains various public projects created by the owners of Hybrid Brothers☆21Nov 3, 2023Updated 2 years ago
- Config files for my GitHub profile.☆26Apr 16, 2025Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Scripts to check for security issues with SSH keys and authorized_keys files on Linux and other Unix-like operating systems.☆23Sep 29, 2025Updated 7 months ago
- Security Scripts and Sources for daily usage.☆74Apr 28, 2026Updated last week
- ResearchDev - XDR & SIEM Detection☆67Apr 16, 2025Updated last year
- ☆19Dec 18, 2024Updated last year
- CIS & Azure Security Center Hardening recommendations implemented in PowerShell DSC from Azure Automation☆34Jun 10, 2021Updated 4 years ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆199Apr 22, 2026Updated 2 weeks ago
- Sentinel Analytics Rule converter PowerShell module☆68Feb 24, 2026Updated 2 months ago
- A small guide on Unknown/Orphaned SIDs and some PowerShell tools to help you get rid of them.☆21Apr 16, 2026Updated 3 weeks ago
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel☆240Feb 8, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆64May 12, 2024Updated last year
- ☆20Nov 23, 2022Updated 3 years ago
- Started this due to a viral reddit post request. Like most M365 admins, I used to hate my job—constant tickets, dumb requests, and bosses…☆10May 4, 2025Updated last year
- Cloud-native SIEM for intelligent security analytics for your entire enterprise.☆20Apr 4, 2023Updated 3 years ago
- Cover various security approaches to attack techniques and also provides new discoveries about security breaches.☆486Apr 17, 2025Updated last year
- Organize media into one folder with a date-centric folder structure.☆13Mar 31, 2026Updated last month
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆17Mar 13, 2026Updated last month
- multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data☆10Mar 14, 2023Updated 3 years ago
- Python-Based Log Analyzer That Detects Brute-Force Attacks, Directory Traversal, And Suspicious Behavior In System Or Web Server Logs. B…☆19Apr 30, 2025Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Sophos Central PowerShell module☆12Jul 11, 2023Updated 2 years ago
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆117Jan 18, 2026Updated 3 months ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆81Sep 9, 2024Updated last year
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.☆489Nov 22, 2024Updated last year
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆20May 20, 2025Updated 11 months ago
- Manage Azure and Microsoft 365 with the Microsoft Graph PowerShell SDK!☆80Aug 29, 2024Updated last year
- Think of this PS-module as a helper for Microsoft Graph version-management, connectivity and data management using Microsoft Graph.☆15Apr 28, 2025Updated last year