Bob Uithoven (deegjoven)

Company: Insight Enterprises

Twitter: @BobUithoven

Bob Uithoven's starred repositories

Awesome-KQL

Config files for my GitHub profile.

Stargazers: 10 | Issues: 0

KustQueryLanguage_kql

Cyber-defence-related Kusto queries for use in Azure Sentinel and Defender Advanced Hunting

Language: Batchfile | Stargazers: 53 | Issues: 0

KQL-threat-hunting-queries

A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel and Microsoft XDR (formerly Microsoft 365 Defender).

License: MIT | Stargazers: 498 | Issues: 0

AdvancedHuntingQueries

Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant

License: Unlicense | Stargazers: 100 | Issues: 0

Threat-Hunting-and-Detection

Repository for threat hunting and detection queries, etc., for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).

Language: Jupyter Notebook | License: BSD-3-Clause | Stargazers: 576 | Issues: 0

KQL

Threat hunting queries for Microsoft 365 Defender XDR. Provides out-of-the-box KQL hunting queries for App, Email, Identity and Endpoint.

Stargazers: 423 | Issues: 0

DefenderXDR-AdvancedHunting

Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)

Language: PowerShell | License: MIT | Stargazers: 7 | Issues: 0

SentinelAutomationModules

The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel

Language: PowerShell | License: MIT | Stargazers: 203 | Issues: 0

mde

Defender for Endpoint

Language: PowerShell | License: GPL-3.0 | Stargazers: 16 | Issues: 0

Getting-into-InfoSec-and-Cybersecurity

A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.

Stargazers: 521 | Issues: 0

Certipy

Tool for Active Directory Certificate Services enumeration and abuse

Language: Python | License: MIT | Stargazers: 2255 | Issues: 0

TokenUniverse

An advanced tool for working with access tokens and Windows security policy.

Language: Pascal | License: MIT | Stargazers: 547 | Issues: 0

M365ZeroTrust

Mindmaps for M365 Zero Trust

Stargazers: 7 | Issues: 0

KQL-for-Everything

KQL example queries for working in Azure

License: MIT | Stargazers: 26 | Issues: 0

Windows-authentication-brutforce-cheatsheet

Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios.

Stargazers: 18 | Issues: 0

Microsoft-eventlog-mindmap

Set of mindmaps providing a detailed overview of the different Microsoft auditing capabilities for Windows, Exchange, Azure, ...

License: BSD-2-Clause | Stargazers: 994 | Issues: 0

ADExplorerSnapshot.py

ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

Language: Python | Stargazers: 844 | Issues: 0

azure-sentinel-tools

A collection of scripts and works related to Azure Sentinel

Language: PowerShell | Stargazers: 40 | Issues: 0

ruler

A tool to abuse Exchange services

Language: Go | License: NOASSERTION | Stargazers: 2129 | Issues: 0

dnschef

DNSChef - DNS proxy for Penetration Testers and Malware Analysts

Language: Python | License: BSD-3-Clause | Stargazers: 871 | Issues: 0

powercat

Netshell features, all in PowerShell version 2

Language: PowerShell | License: Apache-2.0 | Stargazers: 2098 | Issues: 0

Invoke-WCMDump

PowerShell Script to Dump Windows Credentials from the Credential Manager

Language: PowerShell | License: Apache-2.0 | Stargazers: 719 | Issues: 0

Invoke-BSOD

For when you want a computer to be done - without admin!

Language: PowerShell | Stargazers: 281 | Issues: 0

MicroBurst

A collection of scripts for assessing Microsoft Azure security

Language: PowerShell | License: NOASSERTION | Stargazers: 1965 | Issues: 0

PowerZure

PowerShell framework to assess Azure security

Language: PowerShell | License: BSD-3-Clause | Stargazers: 1073 | Issues: 0

MicrosoftSentinel-ShodanMonitor

Ingesting Shodan Monitor Alerts to Microsoft Sentinel

License: MIT | Stargazers: 33 | Issues: 0

AzureSentinelMisc

Miscellaneous Azure Sentinel files that don't fall into other categories.

Stargazers: 10 | Issues: 0

Language: PowerShell | License: MIT | Stargazers: 264 | Issues: 0

AzurePrivilegedIAM

Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.

Language: PowerShell | Stargazers: 125 | Issues: 0

Live-Forensicator

A suite of tools to aid incident response and live forensics for Windows (PowerShell), Linux (Bash) and macOS (Shell)

Language: JavaScript | Stargazers: 505 | Issues: 0