Joshua-Devine's Stars
microsoftgraph/microsoft-graph-explorer-v4
React/Redux version of Graph Explorer used to learn the Microsoft Graph API
pnp/powershell
PnP PowerShell
cisagov/untitledgoosetool
Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.
Joshua-Devine/Log-File-Summarizing-Tool
Perl script used for summarizing structured and unstructured text log files for further analysis.
damonlabette/ubuntu-mde
inodee/spl-to-kql
The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially given projects requiring both technologies (Splunk and Azure/Sentinel) or any other hybrid environments. Feel free to add/suggest entries.
rod-trent/MustLearnKQL
Code included as part of the MustLearnKQL blog series
dmrellan/Visual-Auditing-Security-Workbook-with-Microsoft-Sentinel
Azure/Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
MicrosoftLearning/SC-200T00A-Microsoft-Security-Operations-Analyst
Azure/Azure-Sentinel-Notebooks
Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.
mlopinto/Azure-Arc-AMA-Agent
This page will provide you with a solution for automating your deployment of Azure Monitoring Agent (AMA) and its associated Data Collection Rules (DCR) to eliminate unnecessary operational overhead while remaining compliant.
Joshua-Devine/Detect-and-Report-Azure-IP-Address-Changes
Perl script that will query an external website to download and filter on available data centers, regions, and services available from the Microsoft Azure cloud services in order to report on published IPv4 and IPv6 addresses. Can create named baselines based on selected parameters in order to display IP address changes so that layer 3/4 boundary devices can be proactively configured to avoid service disruption.
wortell/AZSentinel
PowerShell module for Azure Sentinel
wortell/KQL
KQL queries for Advanced Hunting
javiersoriano/sentinel-training