sunchippss's Projects
Using large language models to complete A Song of Ice and Fire.
A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
This repo contains code and examples to operationalize spreadsheet-based checklists that can be used for Azure design reviews on multiple technologies.
A collection of tools for azure security
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the process of identifying, collecting and analysing activity associated with BEC intrusions.
A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon
Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL
Detect Tactics, Techniques & Combat Threats
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Kusto Query Language
Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features from the Office 365 Audit Log.
Code included as part of the MustLearnKQL blog series
The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
Collection of KQL queries
Azure Sentinel KQL
A tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
Config files for my GitHub profile.
PHP code to determine which reality (Server OS and web app versions) the app is running in (yeah... it's a play on Rick and Morty)