anthonws/WindowsDefenderATP-Hunting-Queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

anthonws/WindowsDefenderATP-Hunting-Queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/anthonws/WindowsDefenderATP-Hunting-Queries)

Close

anthonws / WindowsDefenderATP-Hunting-QueriesView on GitHubMore

• External links
• Readme badge

Sample queries for Advanced hunting in Windows Defender ATP

☆11Apr 22, 2020Updated 6 years ago

Alternatives and similar repositories for WindowsDefenderATP-Hunting-Queries

Users that are interested in WindowsDefenderATP-Hunting-Queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• dafthack / zphisher

  View on GitHub
  Automated Phishing Tool
  ☆11May 27, 2020Updated 5 years ago
• dafthack / gitleaks

  View on GitHub
  Scan git repos for secrets using regex and entropy 🔑
  ☆10Jun 18, 2020Updated 5 years ago
• andreipintica / Azure-PowerShell-Scripts

  View on GitHub
  Azure PowerShell Scripts for Compute, Virtual Machines, Networking, Storage, Disks and Resource Groups.
  ☆17Sep 24, 2024Updated last year
• Pwd9000-ML / Azure-Terraform-Deployments

  View on GitHub
  Repo used to deploy Azure Resources using Terraform and GitHub Actions
  ☆39Jan 26, 2026Updated 3 months ago
• CybercentreCanada / assemblyline4_docs

  View on GitHub
  AssemblyLine4 documentation
  ☆28Apr 23, 2026Updated 3 weeks ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• vector-sec / PSRemotingConfigurations

  View on GitHub
  A central place for me to share interesting PSRemoting configurations
  ☆16Jun 28, 2017Updated 8 years ago
• vletoux / ADSecrets

  View on GitHub
  Set of ultra technical notes about AD
  ☆18Jun 17, 2018Updated 7 years ago
• CyberCX-STA / Efflanrs

  View on GitHub
  Efflanrs - GUI for Snaffler Output
  ☆27Sep 13, 2024Updated last year
• Velocidex / pyvelociraptor

  View on GitHub
  PyVelociraptor contains the python bindings for the Velociraptor API.
  ☆21May 5, 2026Updated 2 weeks ago
• turbot / steampipe-mod-zoom-compliance

  View on GitHub
  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampi…
  ☆66Mar 25, 2026Updated last month
• zer1t0 / arplayer

  View on GitHub
  A tool to attack ARP
  ☆15May 27, 2021Updated 4 years ago
• defensahacker / viewstate-decoder

  View on GitHub
  Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests
  ☆15Feb 27, 2021Updated 5 years ago
• olafhartong / SA-Threat-Hunting

  View on GitHub
  Splunk app for Threat hunting
  ☆15Nov 15, 2018Updated 7 years ago
• jaydeepnasit / Fake-Update-Page

  View on GitHub
  Fake Update Website ( On Click Automatic Download Windows Payload )
  ☆11Apr 8, 2020Updated 6 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• GossiTheDog / nmap-scripts

  View on GitHub
  repository containing some nmap scripts
  ☆16Jan 15, 2021Updated 5 years ago
• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL

  View on GitHub
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆26Jun 30, 2021Updated 4 years ago
• jkerai1 / KQL-Queries

  View on GitHub
  KQL Queries
  ☆40May 13, 2026Updated last week
• paramint / AD-Attack-Defense

  View on GitHub
  ☆13Mar 23, 2023Updated 3 years ago
• szymon1118 / logon_backdoor

  View on GitHub
  automated sticky keys backdoor
  ☆10Feb 12, 2016Updated 10 years ago
• Cryilllic / PHP-PowerShell

  View on GitHub
  A PHP wrapper template to execute PowerShell payloads
  ☆11Apr 2, 2021Updated 5 years ago
• PwCUK-CTO / OperationCloudHopper

  View on GitHub
  Indicators of compromise relating to our report on APT10's targeting of global MSPs
  ☆10Sep 26, 2017Updated 8 years ago
• phunold / pdns-ui

  View on GitHub
  Minimalistic WebUI for passiveDNS tool
  ☆18May 6, 2021Updated 5 years ago
• redhotchilihacker1 / Mergen

  View on GitHub
  ☆10Jul 8, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• AnikateSawhney / Active-Directory-Penetration-Testing-Lab

  View on GitHub
  This is an Active Directory Pentesting Lab created by me which includes attacks like IPV6 DNS takeover, Smb relay, unconstrained delegati…
  ☆23Jan 23, 2024Updated 2 years ago
• andreafortuna / pycodeinjector

  View on GitHub
  Python code injection library
  ☆10Jul 30, 2018Updated 7 years ago
• NateHutch365 / MDEValidator

  View on GitHub
  ☆43Updated this week
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• censys-workshop / censys-search-mindmap

  View on GitHub
  This repository contains a mindmap for different techniques for using Censys Search
  ☆15Sep 17, 2025Updated 8 months ago
• guitmz / mirror-vxheaven.org

  View on GitHub
  Vxheaven.org website's mirror
  ☆24Nov 19, 2018Updated 7 years ago
• lawiet47 / autoresponder

  View on GitHub
  Carbon Black Response IR tool
  ☆56Dec 10, 2020Updated 5 years ago
• Velocidex / eql2vql

  View on GitHub
  Transform EQL detection rules to VQL artifacts
  ☆12Nov 12, 2021Updated 4 years ago
• takieyda / linux_customizations

  View on GitHub
  A compilation of customizations for Debian-based Linux distrubutions (mostly Pop!_OS and Kali Linux) and (finally) a mostly automated scr…
  ☆19Updated this week
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• ReconInfoSec / adversary-emulation-map

  View on GitHub
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Sep 4, 2021Updated 4 years ago
• rabakuku / Udemy-Red-Team-Hacking-Course

  View on GitHub
  Active Directory Pentesting Full Course - Red Team Hacking
  ☆31Dec 13, 2021Updated 4 years ago
• neriberto / hg

  View on GitHub
  A tool to download malwares
  ☆16May 22, 2023Updated 2 years ago
• johannestaas / rust-passivedns

  View on GitHub
  Passivedns monitor implementation in Rust.
  ☆12Apr 21, 2016Updated 10 years ago
• bostonlink / nwmaltego

  View on GitHub
  Netwitness Maltego integration Project
  ☆18May 9, 2017Updated 9 years ago
• Cipher7 / dmenu_pentest

  View on GitHub
  A project aimed at automating and making repetitive tasks easy while pentesting , like creating msf payloads or a one-liner reverse shel…
  ☆11Nov 14, 2022Updated 3 years ago
• MuirlandOracle / CVE-2019-17662

  View on GitHub
  Exploit code for CVE-2019-17662
  ☆18Sep 12, 2021Updated 4 years ago