some KQL Queries for Advanced Hunting
☆76Apr 2, 2026Updated last week
Alternatives and similar repositories for KQLAdvancedHunting
Users that are interested in KQLAdvancedHunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Block abused TLDs in Tenant Allow BlockList☆15Jan 21, 2026Updated 2 months ago
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 9 months ago
- Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.☆114Updated this week
- KQL Queries☆34Mar 19, 2026Updated 3 weeks ago
- Automatic Microsoft Sentinel Deployment☆16Apr 1, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Advanced Threat Hunting: Ransomware Group☆28Jul 9, 2025Updated 9 months ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆64Mar 30, 2026Updated last week
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC☆67Mar 31, 2026Updated last week
- Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)☆12Jan 22, 2026Updated 2 months ago
- Automatically generated Sysmon parser for Azure Sentinel☆18Jan 6, 2026Updated 3 months ago
- AutoMSF is a Python script designed for fast generation and deployment of multiple types of Meterpreter reverse_https payloads. Created t…☆19Mar 20, 2025Updated last year
- Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…☆62May 3, 2024Updated last year
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆197Mar 16, 2026Updated 3 weeks ago
- Share Information about Microsoft Security Products☆58Mar 27, 2026Updated last week
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- scripts to use against the Nessus Professional API☆14Jan 23, 2024Updated 2 years ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,679Updated this week
- PowerShell-based Automation of Defender for Endpoint☆191Jul 3, 2025Updated 9 months ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆862Updated this week
- This tool is designed to assist you in analyzing issues related to Defender for Endpoint on your local endpoint. It offers a centralized …☆103Mar 27, 2026Updated last week
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…☆148Apr 1, 2026Updated last week
- A mirror image of my detection rules☆65Updated this week
- Maintained by the ANY.RUN team, this repository provides YARA rules to help detect and classify various malware families and other malici…☆26Nov 1, 2025Updated 5 months ago
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect…☆81Feb 10, 2026Updated last month
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆14May 8, 2025Updated 11 months ago
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆766Aug 28, 2025Updated 7 months ago
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- This repository has been archived. Please use https://github.com/microsoft/InclusivenessAnalyzerVisualStudio Roslyn analyzer that provid…☆14Sep 20, 2022Updated 3 years ago
- Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL☆282Aug 28, 2024Updated last year
- All about Microsoft 365 Enterprise Mobility + Security (EMS)☆25Dec 3, 2023Updated 2 years ago
- Application Insights for PowerShell scripts and Modules☆12Jan 22, 2019Updated 7 years ago
- SharePoint Sample Search Configurations☆10Dec 2, 2023Updated 2 years ago
- The Azure Hyper-V Lab makes virtualization on Azure effortless, perfect for experimenting, learning, and building proof-of-concepts.☆15May 17, 2025Updated 10 months ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- ☆77Feb 27, 2026Updated last month
- ☆13Dec 12, 2022Updated 3 years ago
- This sample Cordova application enumerates files stored in OneDrive for Business☆14Nov 28, 2022Updated 3 years ago
- ☆55Jan 19, 2026Updated 2 months ago
- Package Management (OneGet) provider that facilitates installing Chocolatey packages from any NuGet repository.☆13Oct 23, 2020Updated 5 years ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆119Aug 19, 2025Updated 7 months ago
- Conditional Access baseline for March 2025☆12Mar 4, 2025Updated last year