Best Practices, queries, and packages for CQL the language of CrowdStrike's LogScale (Humio) log manager.

Microsoft Security Copilot is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, whi…

Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

Welcome to the Microsoft Defender for Cloud community repository

This is the Rust course used by the Android team at Google. It provides you the material to quickly teach Rust.

A python module for working with ATT&CK

Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proactively identify, engage and prevent cyber threats denying or…

Bootstrap Kubernetes the hard way. No scripts.

A framework for Engineering Managers

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Red Teaming Tactics and Techniques

Code included as part of the MustLearnKQL blog series

Repository with Sample KQL Query examples for Threat Hunting

Hunting queries and detections

Sample queries for Advanced hunting in Microsoft 365 Defender

Cyber Analytics Repository

Main Sigma Rule Repository

Detect Tactics, Techniques & Combat Threats

MDATP

Message Header Analyzer Add-in For Outlook

example queries for learning the kusto language

The source for the Linux kernel used in Windows Subsystem for Linux 2 (WSL2)

Code for my Go Cookbook articles

Kusto client libraries for Python

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

A simple command line tool to invoke the Azure Resource Manager API