Alternatives and similar repositories for WindowsDefenderATP-Hunting-Queries:

Users that are interested in WindowsDefenderATP-Hunting-Queries are comparing it to the libraries listed below

• bengoerz / PurpleTeamDocs
  ☆28Updated 4 years ago
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆82Updated 5 months ago
• DefensiveOrigins / DO-LAB
  ☆45Updated 2 weeks ago
• tesorion / TCERT-Cumulonimbus-UAL_Extractor
  Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a…
  ☆18Updated last year
• humio / security_monitoring
  ☆40Updated last year
• ssnkhan / adversarial-threat-modelling
  Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop
  ☆57Updated this week
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 5 years ago
• nrrpinto / inquisitor
  Forensics artifacts collection
  ☆19Updated 3 years ago
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆16Updated 2 years ago
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated last year
• swisscom / Invoke-Forensics
  Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.
  ☆110Updated last year
• dwmetz / PSHero
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆36Updated last year
• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆24Updated 3 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆71Updated 2 months ago
• rj-chap / ransomware_tips
  Random tips and tricks RE: ransomware
  ☆14Updated 3 years ago
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 9 months ago
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆51Updated last year
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform
  ☆37Updated 3 weeks ago
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆64Updated 2 years ago
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆78Updated 2 years ago
• Antonlovesdnb / SANSTHS2021
  Hunting Malicious Macros SANS Threathunting Summit 2021 Materials
  ☆40Updated 3 years ago
• reprise99 / 4688-sysmon
  ☆50Updated last year
• MagnetForensics / Magnet-RESPONSE-PowerShell
  PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.
  ☆23Updated last week
• evild3ad / Get-MiniTimeline
  Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE
  ☆27Updated 7 months ago
• zaneGittins / Huntress
  PowerShell tool to triage systems
  ☆12Updated last year
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆51Updated last month
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• andreafortuna / malhunt
  Hunt malware with Volatility
  ☆47Updated 8 months ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆45Updated 9 months ago