-
kql_azure_data_explore Public
KQL Queries to aid in security investigations within Azure Data Explore Databases.
Updated Nov 11, 2025 -
Kusto queries and a dashboard developed to help investigate a host using CrowdStrike FDR Logs
2 Updated Nov 3, 2025 -
haids_splunk_security Public
Various ways to gather intelligence from an organization's Splunk data
4 Updated Apr 16, 2025 -
logscale_hunt_queries Public
LogScale queries to aid in Threat Hunting with CrowdStrike
1 Updated Apr 11, 2024 -
PowerShellSecurityOps Public
For automating common day-to-day tasks
-
Sparrow Public
Forked from cisagov/Sparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
PowerShell Creative Commons Zero v1.0 Universal Updated Apr 8, 2021 -
PS_auditing Public
Looks for expired accounts, inactive accounts, password not set, etc.
1 Updated Jan 28, 2021 -
PowerSploit Public
Forked from PowerShellMafia/PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
PowerShell Other Updated Aug 17, 2020 -
Sooty Public
Forked from TheresAFewConors/Sooty
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.