Alternatives and similar repositories for Sentinel-SOC-101

Users that are interested in Sentinel-SOC-101 are comparing it to the libraries listed below

• rod-trent / SentinelKQL

  View on GitHub
  Azure Sentinel KQL
  ☆469Jul 28, 2025Updated 6 months ago
• LearningKijo / KQL

  View on GitHub
  Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
  ☆484Nov 22, 2024Updated last year
• rod-trent / MustLearnKQL

  View on GitHub
  Code included as part of the MustLearnKQL blog series
  ☆1,146Jan 30, 2026Updated 2 weeks ago
• cyb3rmik3 / MDE-DFIR-Resources

  View on GitHub
  A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …
  ☆421Aug 10, 2025Updated 6 months ago
• cyb3rmik3 / KQL-threat-hunting-queries

  View on GitHub
  A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…
  ☆754Aug 28, 2025Updated 5 months ago
• rod-trent / OpenAISecurity

  View on GitHub
  Scripts and Content for working with Open AI
  ☆169Apr 18, 2025Updated 9 months ago
• KnudsenMorten / Copilot4SecurityTools

  View on GitHub
  Copilot for Security Tools
  ☆17Apr 19, 2024Updated last year
• alexverboon / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Queries. Microsoft Defender, Microsoft Sentinel
  ☆194Dec 22, 2025Updated last month
• rod-trent / SentinelPlaybooks

  View on GitHub
  ☆59Jul 18, 2024Updated last year
• LearningKijo / ResearchDev

  View on GitHub
  ResearchDev - XDR & SIEM Detection
  ☆67Apr 16, 2025Updated 9 months ago
• rod-trent / Security-Copilot

  View on GitHub
  My personal work with Copilot for Security
  ☆200Jun 27, 2025Updated 7 months ago
• Bert-JanP / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…
  ☆1,634Updated this week
• reprise99 / Sentinel-Queries

  View on GitHub
  Collection of KQL queries
  ☆1,609Jan 29, 2026Updated 2 weeks ago
• briandelmsft / SentinelAutomationModules

  View on GitHub
  The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel
  ☆277Jan 2, 2026Updated last month
• garybushey / ProgrammingMicrosoftSentinel

  View on GitHub
  Programming Microsoft Sentinel book
  ☆25Dec 13, 2023Updated 2 years ago
• rod-trent / OnPremSecMonitoring4Sentinel

  View on GitHub
  ☆18Jul 13, 2022Updated 3 years ago
• DATCResearch / Sentinel-UseCase-BEC365-IR

  View on GitHub
  Sentinel BEC IR
  ☆14Aug 18, 2022Updated 3 years ago
• LearningKijo / MDEtester

  View on GitHub
  MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.
  ☆194Mar 4, 2024Updated last year
• Bert-JanP / Sentinel-Automation

  View on GitHub
  Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.
  ☆115Jan 18, 2026Updated 3 weeks ago
• f-bader / SentinelARConverter

  View on GitHub
  Sentinel Analytics Rule converter PowerShell module
  ☆65Dec 17, 2025Updated last month
• rod-trent / SentinelWorkbooks

  View on GitHub
  Workbooks for Azure Sentinel
  ☆63Aug 14, 2023Updated 2 years ago
• SlimKQL / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Queries. Microsoft Defender, Microsoft Sentinel
  ☆824Feb 5, 2026Updated last week
• rod-trent / KQL-for-Everything

  View on GitHub
  KQL example queries for working in Azure
  ☆36Dec 1, 2025Updated 2 months ago
• Azure / Azure-Sentinel

  View on GitHub
  Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  ☆5,474Updated this week
• Cloud-Architekt / AzureSentinel

  View on GitHub
  Sharing my KQL queries for Azure Sentinel
  ☆206Updated this week
• PacktPublishing / Mastering-Microsoft-365-Defender

  View on GitHub
  Detecting and Responding to Threats using Microsoft 365 Defender, published by Packt
  ☆16Jul 10, 2023Updated 2 years ago
• PuravsPoint / DecipheringUAL

  View on GitHub
  This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…
  ☆63May 12, 2024Updated last year
• JeffMichelmore / MDEKit

  View on GitHub
  ☆42Oct 11, 2023Updated 2 years ago
• markolauren / sentinel

  View on GitHub
  ☆67Jan 20, 2026Updated 3 weeks ago
• alexverboon / MDATP

  View on GitHub
  MDATP
  ☆456Jul 20, 2024Updated last year
• chihebchebbi / Azure-Sentinel-Hive-Playbook

  View on GitHub
  Send High & New Incidents to The Hive incident management Platform
  ☆18Feb 13, 2021Updated 5 years ago
• reprise99 / awesome-kql-sentinel

  View on GitHub
  A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
  ☆240Feb 8, 2023Updated 3 years ago
• canix1 / PIMSCAN

  View on GitHub
  Tool for creating reports on Entra ID Role Assignments
  ☆100Apr 12, 2024Updated last year
• Cloud-Architekt / AzureAD-Attack-Defense

  View on GitHub
  This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …
  ☆2,468Dec 31, 2025Updated last month
• samikroy / ms-sentinel-scout

  View on GitHub
  ☆17Aug 20, 2025Updated 5 months ago
• nicolonsky / ITDR

  View on GitHub
  Collection of Microsoft Identity Threat Detection and Response resources.
  ☆52Feb 1, 2026Updated last week
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite

  View on GitHub
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆573Dec 6, 2025Updated 2 months ago
• Bert-JanP / Incident-Response-Powershell

  View on GitHub
  PowerShell Digital Forensics & Incident Response Scripts.
  ☆766Jan 14, 2026Updated 3 weeks ago
• ep3p / Sentinel_KQL

  View on GitHub
  In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…
  ☆134Dec 18, 2025Updated last month