2 results found Sort:

cyb3rmik3
KQL-threat-hunting-queries cyb3rmik3
66
593
mit
13
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
kql kusto security sentinel microsoft kusto-query threat-hunt microsoftxdr microsoft-365 microsoft-xdr securitycenter threat-hunting threat-detecting threat-detection microsoft-security microsoft-sentinel kusto-query-language microsoft-365-defender microsoft-365-security
Created 2022-07-19
343 commits to main branch, last one 3 days ago
cyb3rmik3
MDE-DFIR-Resources cyb3rmik3
38
354
mit
11
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
kql mde dfir kusto microsoft resources kusto-query curated-list live-response digital-forensics incident-response curated-collections kusto-query-language microsoft-defender-for-endpoint digital-forensics-incident-response
Created 2023-11-01
51 commits to main branch, last one about a month ago