List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by developing custom TTP'S from red-teaming engagements & simulations with the strategic goal to prevent threats before they have the opportunity to execute
☆26Jun 30, 2021Updated 5 years ago
Alternatives and similar repositories for DefenderATP-Proactive-Threat-Hunting-Queries-KQL
Users that are interested in DefenderATP-Proactive-Threat-Hunting-Queries-KQL are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆40Apr 8, 2021Updated 5 years ago
- Semantic analysis with neural networks☆10Feb 18, 2021Updated 5 years ago
- Sample queries for Advanced hunting in Microsoft Defender ATP☆38Dec 19, 2021Updated 4 years ago
- Repository with Sample KQL Query examples for Threat Hunting☆218Sep 1, 2022Updated 3 years ago
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.☆133Feb 10, 2026Updated 4 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Cheat sheets for threat hunting, detection and other stuff.☆34Oct 7, 2022Updated 3 years ago
- Threat Hunter's Knowledge Base☆23Dec 27, 2021Updated 4 years ago
- This repo is where I store my Threat Hunting ideas/content☆90Mar 20, 2026Updated 3 months ago
- Sample queries for Advanced hunting in Windows Defender ATP☆11Apr 22, 2020Updated 6 years ago
- Collection of Jupyter Notebook for Threat Hunting and Blue Team Purposes☆22Jun 15, 2022Updated 4 years ago
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel☆242Feb 8, 2023Updated 3 years ago
- Source Code of MSIL Ransom☆14Feb 11, 2023Updated 3 years ago
- Scan git repos for secrets using regex and entropy 🔑☆10Jun 18, 2020Updated 6 years ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆27Mar 20, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Collection of configuration files that can be used as good starting points to secure different services and tools☆17May 24, 2026Updated last month
- CIS Benchmark for Server Hardening RHEL Ubuntu☆13Apr 6, 2018Updated 8 years ago
- An opensource sigma conversion tool built using pysigma☆170Jun 29, 2026Updated last week
- Automating simple report creating of threat intelligence using ChatGPT and Greynoise API.☆10Oct 3, 2023Updated 2 years ago
- ☆72Oct 21, 2024Updated last year
- A collection of pcaps☆16Jul 5, 2015Updated 11 years ago
- Python code for 1) permuting randomly-generated passwords for easier entry on mobile devices, and 2) for estimating entropy lost as a res…☆16May 5, 2016Updated 10 years ago
- Proof of Concept - Using squid url rewrite feature to "hijack" proxy traffic and inject BeEF payload into it.☆13Feb 23, 2015Updated 11 years ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆53Jan 1, 2026Updated 6 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆27Aug 15, 2022Updated 3 years ago
- A collection of shellcode hashes☆17Aug 15, 2018Updated 7 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 8 years ago
- Random tips and tricks RE: ransomware☆14Aug 17, 2021Updated 4 years ago
- gundog - guided hunting in Microsoft Defender☆52Apr 29, 2021Updated 5 years ago
- Cross platform (i.e., Windows, Linux, Mac) assessment script. The script helps assess workstations for vulnerabilities and abnormalities.☆20Aug 14, 2015Updated 10 years ago
- Scanner for Regin Virtual Filesystems☆25Jan 20, 2015Updated 11 years ago
- ☆12Feb 8, 2023Updated 3 years ago
- A boundle of useful scripts☆20Apr 21, 2026Updated 2 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Bloodhound Portable for Windows☆55Apr 1, 2023Updated 3 years ago
- Advanced Hunting Queries for Microsoft Security Products☆108Jan 10, 2023Updated 3 years ago
- Jupyter Notebooks for the Blue Team☆146Mar 21, 2025Updated last year
- Kernels for Untangle products☆10May 6, 2026Updated 2 months ago
- Block IP addresses provided by blocklist.de via fail2ban☆14Sep 26, 2017Updated 8 years ago
- inProxy is a cross-platform web debugging proxy that let you capture, inspect, analyze, manipulate and mock all the HTTP, HTTPS and WebSo…☆14Jan 2, 2021Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆14Jan 17, 2023Updated 3 years ago