Windows Defender ATP - Advanced Hunting Queries
☆22Apr 12, 2018Updated 7 years ago
Alternatives and similar repositories for WDATP-Advanced-Hunting
Users that are interested in WDATP-Advanced-Hunting are comparing it to the libraries listed below
Sorting:
- Poison Ivy Appendix/Extras☆18Aug 21, 2013Updated 12 years ago
- A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.☆18Sep 10, 2023Updated 2 years ago
- ☆14Feb 22, 2021Updated 5 years ago
- PowerShell Scripts, Snippets, bare minmium ideas☆15Feb 5, 2026Updated last month
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆40Apr 8, 2021Updated 4 years ago
- Additional Resources to improve Customer Experience with Azure Advanced Threat Protection☆22Jun 12, 2023Updated 2 years ago
- PowerShell commands to export the Azure Sentinel Rule Templates to a CSV and to create the Rules from selected entries in the CSV file☆17Oct 31, 2024Updated last year
- Powershell to read ETL file on an interval and convert it to an EVTX (so Windows Event Forwarding can 'subscribe')☆11May 16, 2017Updated 8 years ago
- Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)☆12Jan 22, 2026Updated last month
- A running list of Windows sources and the related event ids.☆19Aug 2, 2023Updated 2 years ago
- Defender Resource Hub☆30Feb 23, 2026Updated 3 weeks ago
- A curated list of awesome YARA rules, tools, and people.☆33Oct 26, 2023Updated 2 years ago
- ☆14May 30, 2018Updated 7 years ago
- Miscellaneous stuff I create☆64Feb 19, 2026Updated last month
- Data Governance app for Splunk☆12Oct 19, 2023Updated 2 years ago
- ☆30Nov 11, 2024Updated last year
- Plugin based information gathering library☆28May 4, 2023Updated 2 years ago
- Hints for the Kusto Detective Agency - Season 2☆10Aug 15, 2023Updated 2 years ago
- Detecting and Responding to Threats using Microsoft 365 Defender, published by Packt☆16Jul 10, 2023Updated 2 years ago
- Sentinel Analytics Rule converter PowerShell module☆67Feb 24, 2026Updated 3 weeks ago
- ☆12Oct 29, 2025Updated 4 months ago
- ASN Lookup Generator for Splunk☆10Jan 24, 2024Updated 2 years ago
- Small and highly portable detection tests based on MITRE's ATT&CK.☆12Jun 24, 2021Updated 4 years ago
- KQL queries for Advanced Hunting☆177Jan 16, 2020Updated 6 years ago
- Sample queries for Advanced hunting in Microsoft 365 Defender☆2,053Feb 17, 2022Updated 4 years ago
- Automated Use Case Testing☆171May 1, 2018Updated 7 years ago
- Malware - Machine Learning☆11Mar 24, 2018Updated 7 years ago
- Set Operations App for Splunk☆10Mar 29, 2021Updated 4 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆23Aug 21, 2019Updated 6 years ago
- ☆17Feb 25, 2026Updated 3 weeks ago
- Security diagnostic quick start guide. Identifying the best measures and establishing specific security procedures for your organization.☆11May 29, 2019Updated 6 years ago
- This repository is used to store the Azure Information Protection Deployment Acceleration Guide☆29May 31, 2019Updated 6 years ago
- JSON Tools Technology Add-On for Splunk☆10Mar 31, 2021Updated 4 years ago
- ☆11Nov 13, 2024Updated last year
- multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data☆10Mar 14, 2023Updated 3 years ago
- ☆18Jul 13, 2022Updated 3 years ago
- Microsoft Defender ATP Manageability and Maintenance scripts☆29Jun 12, 2023Updated 2 years ago
- A Splunk technology add-on for osquery☆14Sep 5, 2025Updated 6 months ago
- Sandbox feature upgrade with the help of wrapped samples☆76Jun 23, 2018Updated 7 years ago