☆10 · Oct 25, 2020 · Updated 5 years ago
Alternatives and similar repositories for Sysmon_to_AdvancedHunting_KQL
Users that are interested in Sysmon_to_AdvancedHunting_KQL are comparing it to the libraries listed below
- Cobalt Strike/C2 Servers (☆13 · Apr 22, 2021 · Updated 4 years ago)
- (no description) (☆28 · Mar 29, 2022 · Updated 3 years ago)
- UglyEXe - bypass some AVs (☆17 · Feb 28, 2020 · Updated 6 years ago)
- Recent cyber attacks reports & interesting analysis files (☆15 · Apr 14, 2022 · Updated 3 years ago)
- material for exploit development (☆18 · May 3, 2019 · Updated 6 years ago)
- Bro integration with osquery (☆15 · Mar 24, 2023 · Updated 2 years ago)
- NightWriter is a modern real-time collaborative editing tool secured by end-to-end encryption. (☆18 · Oct 16, 2021 · Updated 4 years ago)
- (no description) (☆19 · Sep 3, 2021 · Updated 4 years ago)
- An example of a mis-configured Rails application release under MIT license. (☆21 · Jan 19, 2023 · Updated 3 years ago)
- shellDAVpass application is the Open-Source project, the main idea of which is to bypass the defender and AntiVirus detections to conduct… (☆28 · Oct 3, 2025 · Updated 5 months ago)
- (no description) (☆19 · Dec 12, 2023 · Updated 2 years ago)
- labs_modern_malware_c2 Originally supporting Defcon workshop, will morph into Attack Defend for C2. (☆20 · Aug 13, 2022 · Updated 3 years ago)
- Tooling for the OffSec Experienced Pentester (OSEP) and OffSec Exploit Developer (OSED) course (☆28 · Mar 13, 2024 · Updated last year)
- Panoptes Endpoint Detection and Response Solution (☆42 · Jan 19, 2026 · Updated last month)
- A spreadsheet designed to automatically generate Key Performance Indicators (charts) for Cyber Security Services based on documented data… (☆31 · Jul 19, 2024 · Updated last year)
- DEPRECATED -> GO TO https://github.com/microsoft/Microsoft-threat-protection-Hunting-Queries (☆21 · Apr 22, 2020 · Updated 5 years ago)
- Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, Pro… (☆22 · Dec 11, 2020 · Updated 5 years ago)
- A simple binary wrapper for DNS canarytokens. (☆25 · Sep 20, 2022 · Updated 3 years ago)
- A simple bastion host setup designed for cloud-hosted lab environments. (☆30 · Dec 4, 2020 · Updated 5 years ago)
- (no description) (☆27 · Mar 2, 2022 · Updated 4 years ago)
- (no description) (☆28 · Jun 18, 2019 · Updated 6 years ago)
- (no description) (☆65 · Jun 5, 2021 · Updated 4 years ago)
- TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports whether from web URLs or PDF files into structure… (☆51 · Jun 21, 2025 · Updated 8 months ago)
- Windows Security Logging (☆43 · Jul 17, 2022 · Updated 3 years ago)
- OSSEM Modular (☆27 · Jun 29, 2020 · Updated 5 years ago)
- abusing Process Hacker driver to terminate other processes (BYOVD) (☆82 · May 23, 2023 · Updated 2 years ago)
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an… (☆142 · Jun 1, 2023 · Updated 2 years ago)
- Azure AD (Entra ID) enumeration tool. Find related domains and tenant information in a simple way. (☆35 · Oct 4, 2024 · Updated last year)
- ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima… (☆41 · Jun 6, 2023 · Updated 2 years ago)
- (no description) (☆83 · Jan 25, 2017 · Updated 9 years ago)
- (no description) (☆14 · Feb 6, 2026 · Updated 3 weeks ago)
- (no description) (☆10 · Oct 9, 2024 · Updated last year)
- OOB listener powered by cloudflare workers (☆12 · Apr 13, 2025 · Updated 10 months ago)
- Mitre Att&ck Technique Emulation (☆82 · Mar 6, 2019 · Updated 6 years ago)
- (no description) (☆39 · Sep 29, 2021 · Updated 4 years ago)
- Automation around Entra ID (☆38 · Jul 21, 2025 · Updated 7 months ago)
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement. (☆38 · Feb 16, 2020 · Updated 6 years ago)
- MCP to help Defenders Detection Engineer Harder and Smarter (☆252 · Updated this week)
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel (☆239 · Feb 8, 2023 · Updated 3 years ago)