ejazr83's starred repositories
MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as KAPE and THOR Cloud and more.
definitive-guide-kql
Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL
Hunting-Queries-Detection-Rules
KQL Queries. Defender for Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
ics-forensics-tools
Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files.
securedworkstation
Intune managed Secured workstation
Microsoft-Purview-Advanced-Rich-Reports-MPARR-Collector
Repository with all the MPARR components solution
purviewdemo
Azure Purview Demo Generator
InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
forensictools
Collection of forensic tools
Sentinel-SOC-101
Content and collateral for the Microsoft Sentinel SOC 101 series
sovereign-landing-zone
This Sovereign Landing Zone (SLZ) provides opinionated infrastructure-as-code automation for deploying workloads that meet regulatory compliance requirements for government agencies around the world.
azsecurityworkshop
Security Workshop | Azure
review-checklists
This repo contains code and examples to operationalize Azure review checklists.
deployment-environments
Sample infrastructure-as-code templates to get started with Azure Deployment Environments service.
SysmonCommunityGuide
TrustedSec Sysinternals Sysmon Community Guide
architecture-design
course material for six week architecture design course
publications
Publications from Trail of Bits
attack_to_veris
🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
PartnerResources
Resources created by Microsoft's GPS (Global Partner Solutions) team
MDE-PowerBI-Templates
A repository for MDATP PowerBI Templates
securecontrolsframework
Config files for my GitHub profile.
ConditionalAccessforZeroTrustResources
ConditionalAccessforZeroTrustResources holding resources for Azure AD CA guidance for Zero Trust
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
windows-event-forwarding
A repository for using Windows Event Forwarding for incident detection and response