9 results found Sort:

Bert-JanP
Hunting-Queries-Detection-Rules Bert-JanP
256
1.4k
bsd-3-clause
65
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
kql mde mdi dfir misp azure infosec blueteam security sentinel zero-day cybersecurity threat-hunting defender-for-endpoint vulnerability-management
Created 2022-05-30
436 commits to main branch, last one 7 days ago
FalconForceTeam
FalconFriday FalconForceTeam
94
772
bsd-3-clause
55
Hunting queries and detections
kql hunting blueteam sentinel purpleteam defender-atp defender-for-endpoint
Created 2020-08-04
100 commits to main branch, last one about a month ago
Cyb3r-Monk
Threat-Hunting-and-Detection Cyb3r-Monk
103
711
bsd-3-clause
30
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
kql dfir cybersecurity kusto-language threat-hunting threat-detection microsoft-sentinel defender-for-endpoint detection-engineering
Created 2020-11-02
30 commits to main branch, last one 2 months ago
alexverboon
MDATP alexverboon
59
459
mit
32
MDATP
kql blogs learning threathunting defender-for-endpoint defender-for-identity microsoft-defender-xdr defender-for-cloud-apps defender-for-office-365
This repository has been archived (exclude archived)
Created 2019-06-15
208 commits to master branch, last one 7 months ago
lawndoc
AdvancedHuntingQueries lawndoc
18
119
unlicense
5
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.
kql xdr kusto hunting defender security detection microsoft defender-atp microsoft365 cybersecurity cyber-security threat-hunting defender-for-endpoint detection-engineering
Created 2021-08-13
140 commits to main branch, last one 7 months ago
jischell-msft
RemoteManagementMonitoringTools jischell-msft
8
84
mit
3
Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
kql mde rmm security threat-hunting remotemanagement defender-for-endpoint
Created 2023-10-17
85 commits to main branch, last one 7 months ago
MHaggis
ASRGEN MHaggis
5
37
apache-2.0
2
ASR Configurator, Essentials and Atomic Testing
asr windows defender-for-endpoint attack-surface-reduction
Created 2023-11-16
66 commits to main branch, last one 4 months ago
jkerai1
SoftwareCertificates jkerai1
6
31
unknown
2
Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC
gpo mde azure block defender software microsoft certificate unsanctioned pull-requests softwareblocking defender-for-endpoint
Created 2023-02-13
2,267 commits to main branch, last one 13 hours ago
alexverboon
IntuneCustomCompliance alexverboon
7
31
mit
2
Microsoft Intune Custom Compliance
json security-audit microsoft-intune powershell-script compliance-profiles defender-for-endpoint
Created 2024-03-17
6 commits to main branch, last one 11 months ago