Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report
☆28Oct 10, 2023Updated 2 years ago
Alternatives and similar repositories for mddrguidance
Users that are interested in mddrguidance are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Azure OpenAI Playbook created for Microsoft Sentinel☆13May 2, 2024Updated last year
- Sentinel Threat Intelligence Upload Toolkit☆18Jul 15, 2024Updated last year
- ☆13May 30, 2025Updated 10 months ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Nov 7, 2025Updated 5 months ago
- Ian Hanley's deceptively simple KQL queries.☆67Apr 10, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries…☆30Aug 4, 2025Updated 8 months ago
- ☆60Jun 24, 2023Updated 2 years ago
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.☆133Feb 10, 2026Updated 2 months ago
- Config files for my GitHub profile.☆14May 7, 2023Updated 2 years ago
- KQL Queries☆34Mar 19, 2026Updated last month
- A repository for tracking events related to the MOVEit Transfer Cl0p Campaign☆71Jul 19, 2023Updated 2 years ago
- PDump is a project for dumping leaked credentials from DEHASHED☆17Jan 21, 2024Updated 2 years ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆69Apr 1, 2026Updated 2 weeks ago
- This repository contains various public projects created by the owners of Hybrid Brothers☆21Nov 3, 2023Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Config files for my GitHub profile.☆26Apr 16, 2025Updated last year
- Security Scripts and Sources for daily usage.☆73Jan 25, 2026Updated 2 months ago
- ResearchDev - XDR & SIEM Detection☆67Apr 16, 2025Updated last year
- ☆19Dec 18, 2024Updated last year
- CIS & Azure Security Center Hardening recommendations implemented in PowerShell DSC from Azure Automation☆34Jun 10, 2021Updated 4 years ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆197Mar 16, 2026Updated last month
- Sentinel Analytics Rule converter PowerShell module☆67Feb 24, 2026Updated last month
- A small guide on Unknown/Orphaned SIDs and some PowerShell tools to help you get rid of them.☆21Mar 28, 2022Updated 4 years ago
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel☆239Feb 8, 2023Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆64May 12, 2024Updated last year
- ☆20Nov 23, 2022Updated 3 years ago
- Started this due to a viral reddit post request. Like most M365 admins, I used to hate my job—constant tickets, dumb requests, and bosses…☆10May 4, 2025Updated 11 months ago
- Cloud-native SIEM for intelligent security analytics for your entire enterprise.☆20Apr 4, 2023Updated 3 years ago
- Organize media into one folder with a date-centric folder structure.☆13Mar 31, 2026Updated 2 weeks ago
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆16Mar 13, 2026Updated last month
- multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data☆10Mar 14, 2023Updated 3 years ago
- Python-Based Log Analyzer That Detects Brute-Force Attacks, Directory Traversal, And Suspicious Behavior In System Or Web Server Logs. B…☆19Apr 30, 2025Updated 11 months ago
- Sophos Central PowerShell module☆12Jul 11, 2023Updated 2 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- The repository for exam preparation for Microsoft 365 Certified: Enterprise Administrator Expert!☆14Apr 27, 2023Updated 2 years ago
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆116Jan 18, 2026Updated 3 months ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆81Sep 9, 2024Updated last year
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.☆489Nov 22, 2024Updated last year
- Manage Azure and Microsoft 365 with the Microsoft Graph PowerShell SDK!☆80Aug 29, 2024Updated last year
- Think of this PS-module as a helper for Microsoft Graph version-management, connectivity and data management using Microsoft Graph.☆14Apr 28, 2025Updated 11 months ago
- Hints for the Kusto Detective Agency - Season 2☆10Aug 15, 2023Updated 2 years ago