Sample queries for Advanced hunting in Windows Defender ATP
☆11 Apr 22, 2020 Updated 5 years ago
Alternatives and similar repositories for WindowsDefenderATP-Hunting-Queries
Users that are interested in WindowsDefenderATP-Hunting-Queries are comparing it to the libraries listed below
- Automated Phishing Tool ☆11 May 27, 2020 Updated 5 years ago
- Scan git repos for secrets using regex and entropy ☆10 Jun 18, 2020 Updated 5 years ago
- Azure PowerShell Scripts for Compute, Virtual Machines, Networking, Storage, Disks and Resource Groups. ☆16 Sep 24, 2024 Updated last year
- Repo used to deploy Azure Resources using Terraform and GitHub Actions ☆39 Jan 26, 2026 Updated last month
- AssemblyLine4 documentation ☆28 Mar 6, 2026 Updated 2 weeks ago
- A central place for me to share interesting PSRemoting configurations ☆16 Jun 28, 2017 Updated 8 years ago
- Set of ultra technical notes about AD ☆18 Jun 17, 2018 Updated 7 years ago
- Efflanrs - GUI for Snaffler Output ☆26 Sep 13, 2024 Updated last year
- PyVelociraptor contains the python bindings for the Velociraptor API. ☆21 Feb 11, 2026 Updated last month
- Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampi… ☆66 Aug 14, 2025 Updated 7 months ago
- A tool to attack ARP ☆15 May 27, 2021 Updated 4 years ago
- Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests ☆15 Feb 27, 2021 Updated 5 years ago
- Splunk app for Threat hunting ☆15 Nov 15, 2018 Updated 7 years ago
- Fake Update Website ( On Click Automatic Download Windows Payload ) ☆11 Apr 8, 2020 Updated 5 years ago
- repository containing some nmap scripts ☆16 Jan 15, 2021 Updated 5 years ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop… ☆26 Jun 30, 2021 Updated 4 years ago
- KQL Queries ☆34 Feb 17, 2026 Updated last month
- ☆13 Mar 23, 2023 Updated 2 years ago
- automated sticky keys backdoor ☆10 Feb 12, 2016 Updated 10 years ago
- A PHP wrapper template to execute PowerShell payloads ☆11 Apr 2, 2021 Updated 4 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs ☆10 Sep 26, 2017 Updated 8 years ago
- Minimalistic WebUI for passiveDNS tool ☆18 May 6, 2021 Updated 4 years ago
- ☆10 Jul 8, 2024 Updated last year
- ☆39 Mar 12, 2026 Updated last week
- Python code injection library ☆10 Jul 30, 2018 Updated 7 years ago
- This is an Active Directory Pentesting Lab created by me which includes attacks like IPV6 DNS takeover, Smb relay, unconstrained delegati… ☆22 Jan 23, 2024 Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 Dec 28, 2021 Updated 4 years ago
- Vxheaven.org website's mirror ☆23 Nov 19, 2018 Updated 7 years ago
- This repository contains a mindmap for different techniques for using Censys Search ☆15 Sep 17, 2025 Updated 6 months ago
- Carbon Black Response IR tool ☆55 Dec 10, 2020 Updated 5 years ago
- Transform EQL detection rules to VQL artifacts ☆12 Nov 12, 2021 Updated 4 years ago
- A compilation of customizations for Debian-based Linux distributions (mostly Pop!_OS and Kali Linux) and (finally) a mostly automated scr… ☆18 Jan 1, 2026 Updated 2 months ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan ☆17 Sep 4, 2021 Updated 4 years ago
- Active Directory Pentesting Full Course - Red Team Hacking ☆29 Dec 13, 2021 Updated 4 years ago
- A tool to download malwares ☆16 May 22, 2023 Updated 2 years ago
- Netwitness Maltego integration Project ☆18 May 9, 2017 Updated 8 years ago
- Passivedns monitor implementation in Rust. ☆12 Apr 21, 2016 Updated 9 years ago
- A project aimed at automating and making repetitive tasks easy while pentesting, like creating msf payloads or a one-liner reverse shel… ☆11 Nov 14, 2022 Updated 3 years ago
- Exploit code for CVE-2019-17662 ☆18 Sep 12, 2021 Updated 4 years ago