MCP to help Defenders Detection Engineer Harder and Smarter

Zork I (Microcomputer Version) by Infocom

Zork II (Microcomputer Version) (Infocom)

Zork III (Infocom)

KQL Queries

Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

inspect EntraID SCIM flows for troubleshooting

This repository includes scripts to perform bulk tasks in Purview Unified Catalog and Data governance.

This is the repository for the fiction book series: Old Like Us

Azure Sentinel KQL

all of the workflows of n8n i could find (also from the site itself)

A fork of the great TokenTactics with support for CAE and token endpoint v2

Azure AD B2C custom policy solutions and samples.

Check is an advanced open source browser extension by CyberDrain that provides real-time protection against Microsoft 365 phishing attacks. Designed for enterprises and managed service providers, C…

A collection of Azure AD/Entra tools for offensive and defensive security purposes

Code included as part of the MustLearnKQL blog series

Content related to Microsoft Security Copilot

tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it

An offensive toolkit for restless guests #DEFCON33

The dataset for KQL Courtroom Drama: The Data Trial blog post

The dataset for the KQL Fantasy Quest: The Query of Legends blog post

This is the dataset for the KQL Time Heist: Stealing Insights from History blog post.

This is the GitHub Repo for the KQL Band Tour: Rocking the Data Stage blog post

The dataset for the KQL Choose-Your-Own-Adventure: Interactive Query Learning blog post.

This is the dataset for the KQL Reality Show: Survivor: Data Island blog post