MS Graph Commands and Tools for Blue Teamers
☆51Feb 4, 2026Updated 3 months ago
Alternatives and similar repositories for MS-Graph-BlueTeam
Users that are interested in MS-Graph-BlueTeam are comparing it to the libraries listed below.
- ☆18Mar 26, 2024Updated 2 years ago
- ⚠️ ARCHIVED: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules☆13Mar 19, 2026Updated 2 months ago
- ☆34Apr 29, 2026Updated 3 weeks ago
- A PowerShell incident response script for quick triage☆81Jul 18, 2022Updated 3 years ago
- ☆50Apr 28, 2025Updated last year
- Conditional Access Reporting☆29Apr 4, 2025Updated last year
- This is the ringzer0 writeup of web exploitation category. The name is "Word mean something"☆14Dec 8, 2023Updated 2 years ago
- sKaleQL is an opinionated template repository for managing, executing, and organizing Kusto Query Language (KQL) queries against Azure Lo…☆20May 20, 2025Updated last year
- A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri☆42Sep 27, 2024Updated last year
- Artificial Dog to bark at deer and other garden pests using Raspberry Pi and Groundlight☆13Jun 19, 2024Updated last year
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆11Mar 22, 2021Updated 5 years ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product☆82Sep 9, 2024Updated last year
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …☆467Feb 18, 2026Updated 3 months ago
- Aftermath is a free macOS incident response framework☆34Sep 25, 2025Updated 7 months ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Oct 12, 2018Updated 7 years ago
- Slides of my public talks☆63Feb 20, 2026Updated 3 months ago
- XML-RPC Vulnerability Checker and Directory Fuzzer☆22Sep 28, 2023Updated 2 years ago
- ☆17Feb 24, 2025Updated last year
- ☆10Dec 24, 2022Updated 3 years ago
- A repo containing some tooling built to assist with reverse engineering malware samples☆15Jul 22, 2023Updated 2 years ago
- ☆16Sep 12, 2022Updated 3 years ago
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆64May 12, 2024Updated 2 years ago
- A Golang API for TheHive☆13Sep 3, 2020Updated 5 years ago
- This module will create a Microsoft 365 Test Environment☆105Feb 27, 2025Updated last year
- Links and useful documents from my presentations☆15May 28, 2025Updated 11 months ago
- This repo is about Active Directory Advanced Threat Hunting☆648Feb 17, 2025Updated last year
- PowerShell tools to help defenders hunt smarter, hunt harder.☆483Oct 29, 2025Updated 6 months ago
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.☆41Apr 18, 2024Updated 2 years ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc…☆455Jun 16, 2023Updated 2 years ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆119Aug 19, 2025Updated 9 months ago
- Only for educational purposes☆11Jun 17, 2023Updated 2 years ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆17Nov 7, 2025Updated 6 months ago
- Tomcat backdoor based on CS blog☆29Jun 30, 2023Updated 2 years ago
- Static Decryptor for IcedID Malware☆18Oct 1, 2022Updated 3 years ago
- Burp Suite extension that makes your life easier by tucking the headers out of the way, so you can see the body content right away withou…☆40Oct 23, 2023Updated 2 years ago
- Hunting Queries for Defender ATP☆83Apr 1, 2026Updated last month
- Everything you need to prepare for the Microsoft 365 Certified: Endpoint Administrator Associate!☆26Dec 16, 2023Updated 2 years ago
- ☆26May 22, 2021Updated 5 years ago
- PowerShell PE Parser☆63Jun 28, 2024Updated last year