Skip to content

@sentinelblue Sentinel Blue

Change the repository type filter

All

    Repositories list

    24 repositories

    • Microsoft-Sentinel-SB-ASIM

      Public
      Microsoft Sentinel Advanced Security Information Model (ASIM) schemas and parsers maintained by the Sentinel Blue SOC team.
      MIT License
      0000Updated Jun 3, 2024Jun 3, 2024

    • EntraExporter

      Public
      PowerShell module to export a local copy of an Entra (Azure AD) tenant configuration.
      PowerShell
      MIT License
      93100Updated Dec 26, 2023Dec 26, 2023

    • atomic-red-team

      Public
      Small and highly portable detection tests based on MITRE's ATT&CK.
      C
      MIT License
      2.8k000Updated Dec 26, 2023Dec 26, 2023

    • ScubaGear

      Public
      (Azure Gov and GCC High Supported). Automation to assess the state of your M365 tenant against CISA's baselines.
      compliance-as-codecisam365gcchighazuregov
      Open Policy Agent
      Creative Commons Zero v1.0 Universal
      222100Updated Dec 26, 2023Dec 26, 2023

    • PSScriptAnalyzer

      Public
      Download ScriptAnalyzer from PowerShellGallery
      C#
      MIT License
      377104Updated Dec 26, 2023Dec 26, 2023

    • BloodHound

      Public
      Six Degrees of Domain Admin
      PowerShell
      GNU General Public License v3.0
      1.7k0011Updated Aug 25, 2023Aug 25, 2023

    • malware-samples

      Public
      A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
      ActionScript
      MIT License
      191000Updated Aug 25, 2023Aug 25, 2023

    • DeepBlueCLI

      Public
      PowerShell
      GNU General Public License v3.0
      354000Updated Aug 25, 2023Aug 25, 2023

    • Azure-Sentinel

      Public
      Cloud-native SIEM for intelligent security analytics for your entire enterprise.
      Jupyter Notebook
      MIT License
      3k206Updated Aug 25, 2023Aug 25, 2023

    • microsoft-info

      Public
      Repository hosting a list of Microsoft First party apps
      PowerShell
      MIT License
      14000Updated Aug 25, 2023Aug 25, 2023

    • paths-filter

      Public
      Conditionally run actions based on files modified by PR, feature branch or pushed commits
      TypeScript
      MIT License
      248000Updated Jun 7, 2023Jun 7, 2023

    • microsoft-teams-emergency-operations-center

      Public
      The Microsoft Teams Emergency Operations Center (TEOC) solution template leverages the power of the Microsoft 365 platform to centralize incident response, information sharing and field communications using powerful services like Microsoft Lists, SharePoint and more.
      TypeScript
      MIT License
      38000Updated May 24, 2023May 24, 2023

    • bicep

      Public
      Bicep is a declarative language for describing and deploying Azure resources
      Bicep
      MIT License
      7530063Updated Mar 6, 2023Mar 6, 2023

    • rita

      Public
      Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
      Go
      GNU General Public License v3.0
      362002Updated Feb 25, 2023Feb 25, 2023

    • msticpy

      Public
      Microsoft Threat Intelligence Security Tools
      Python
      Other
      321005Updated Jan 11, 2023Jan 11, 2023

    • Winget-AutoUpdate

      Public
      WAU daily updates apps as system and notify connected users. (Allowlist and Blocklist support)
      PowerShell
      MIT License
      141000Updated Nov 8, 2022Nov 8, 2022

    • winget-cli-restsource

      Public
      This project aims to provide a reference implementation for creating a REST based package source for the winget client.
      C#
      MIT License
      62000Updated Oct 28, 2022Oct 28, 2022

    • HaloAPI

      Public
      PowerShell module for the Halo Service Solutions series of software products.
      PowerShell
      MIT License
      39000Updated Oct 3, 2022Oct 3, 2022

    • CVE-2022-30190

      Public
      Microsoft Sentinel analytic rule and hunting queries in ASIM for activity of MSDT and CVE-2022-30190.
      alertingsentinelhuntingasimcve-2022-30190
      The Unlicense
      1400Updated Jun 8, 2022Jun 8, 2022

    • CVE-2022-29072

      Public
      ** DISPUTED ** 7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area. This is caused by misconfiguration of 7z.dll and a heap overflow. The command runs in a child process under the 7zFM.exe process, NOTE: multiple third parties have reported that …
      vulnerability7zipcve-2022-29072
      PowerShell
      The Unlicense
      0800Updated Apr 20, 2022Apr 20, 2022

    • OSSEM

      Public
      Open Source Security Events Metadata (OSSEM)
      Python
      215000Updated Nov 2, 2021Nov 2, 2021

    • HELK

      Public
      The Hunting ELK
      Jupyter Notebook
      GNU General Public License v3.0
      683000Updated May 12, 2021May 12, 2021

    • sentinel-attack

      Public
      Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
      HCL
      MIT License
      207000Updated Apr 27, 2021Apr 27, 2021

    • CRTgov

      Public
      PowerShell
      MIT License
      0000Updated Jan 6, 2021Jan 6, 2021