deegjoven
Senior Security Consultant navigating customers thru the 7 Seas of Microsoft Security
Insight Enterprises
deegjoven's Stars
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
sensepost/ruler
A tool to abuse Exchange services
besimorhino/powercat
netshell features all in version 2 powershell
NetSPI/MicroBurst
A collection of scripts for assessing Microsoft Azure security
hausec/PowerZure
PowerShell framework to assess Azure security
mdecrevoisier/Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
iphelix/dnschef
DNSChef - DNS proxy for Penetration Testers and Malware Analysts
c3c/ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
peewpw/Invoke-WCMDump
PowerShell Script to Dump Windows Credentials from the Credential Manager
Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
cyb3rmik3/KQL-threat-hunting-queries
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
diversenok/TokenUniverse
An advanced tool for working with access tokens and Windows security policy.
Johnng007/Live-Forensicator
A suite of tools to aid Incident Response and Live Forensics for Windows (PowerShell) | Linux (Bash) | macOS (Shell)
GoVanguard/Getting-into-InfoSec-and-Cybersecurity
A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.
LearningKijo/KQL
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
MicrosoftLearning/SC-200T00A-Microsoft-Security-Operations-Analyst
peewpw/Invoke-BSOD
For when you want a computer to be done - without admin!
briandelmsft/SentinelAutomationModules
The Microsoft Sentinel Triage AssistanT (STAT) enables easy-to-create incident triage automation in Microsoft Sentinel
Cloud-Architekt/AzurePrivilegedIAM
Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.
lawndoc/AdvancedHuntingQueries
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
m4nbat/KustQueryLanguage_kql
Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting
azsec/azure-sentinel-tools
A collection of scripts and works related to Azure Sentinel
mikoiv/MicrosoftSentinel-ShodanMonitor
Ingesting Shodan Monitor Alerts to Microsoft Sentinel
rod-trent/KQL-for-Everything
KQL example queries for working in Azure
mdecrevoisier/Windows-authentication-brutforce-cheatsheet
Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios.
msdirtbag/mde
Defender for Endpoint
rod-trent/AzureSentinelMisc
Miscellaneous Azure Sentinel files that don't fall into other categories.
AdarshPandey-dev/Awesome-KQL
Config files for my GitHub profile.
gh-andrem/DefenderXDR-AdvancedHunting
Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)
JadKaraki/M365ZeroTrust
Mindmaps for M365 Zero Trust