some KQL Queries for Advanced Hunting
☆84May 12, 2026Updated last week
Alternatives and similar repositories for KQLAdvancedHunting
Users that are interested in KQLAdvancedHunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Block abused TLDs in Tenant Allow BlockList☆15May 5, 2026Updated 2 weeks ago
- Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.☆199May 12, 2026Updated last week
- Advanced Threat Hunting: Ransomware Group☆28Jul 9, 2025Updated 10 months ago
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 11 months ago
- KQL Queries☆40May 13, 2026Updated last week
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC☆70May 8, 2026Updated last week
- Automatic Microsoft Sentinel Deployment☆16Apr 1, 2025Updated last year
- PowerShell-based Automation of Defender for Endpoint☆193Jul 3, 2025Updated 10 months ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆886May 11, 2026Updated last week
- KQL Queries. Microsoft Defender, Microsoft Sentinel☆200Updated this week
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆65Mar 30, 2026Updated last month
- Automatically generated Sysmon parser for Azure Sentinel☆18Jan 6, 2026Updated 4 months ago
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…☆1,692May 10, 2026Updated last week
- ☆22Jan 31, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- scripts to use against the Nessus Professional API☆14Jan 23, 2024Updated 2 years ago
- KQL Sentinel and Defender Detection and Hunting Queries.☆16Feb 24, 2026Updated 2 months ago
- ☆18Dec 31, 2025Updated 4 months ago
- This tool is designed to assist you in analyzing issues related to Defender for Endpoint on your local endpoint. It offers a centralized …☆104Mar 27, 2026Updated last month
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…☆153Apr 1, 2026Updated last month
- Share Information about Microsoft Security Products☆86Updated this week
- Maintained by the ANY.RUN team, this repository provides YARA rules to help detect and classify various malware families and other malici…☆28Nov 1, 2025Updated 6 months ago
- ☆16May 8, 2025Updated last year
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…☆769Updated this week
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This directory contains presentations and related materials of my speaking engagements. I also use this to record historical presentation…☆17Feb 13, 2025Updated last year
- This repository has been archived. Please use https://github.com/microsoft/InclusivenessAnalyzerVisualStudio Roslyn analyzer that provid…☆14Sep 20, 2022Updated 3 years ago
- A mirror image of my detection rules☆120May 10, 2026Updated last week
- My personal work with Copilot for Security☆200Jun 27, 2025Updated 10 months ago
- A function to make console spinners from PowerShell...☆18Dec 26, 2020Updated 5 years ago
- Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL☆285Aug 28, 2024Updated last year
- All about Microsoft 365 Enterprise Mobility + Security (EMS)☆25Dec 3, 2023Updated 2 years ago
- Application Insights for PowerShell scripts and Modules☆12Jan 22, 2019Updated 7 years ago
- SharePoint Sample Search Configurations☆11May 4, 2026Updated 2 weeks ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A list of AI leaders and communities you can follow☆26Jun 18, 2025Updated 11 months ago
- The Azure Hyper-V Lab makes virtualization on Azure effortless, perfect for experimenting, learning, and building proof-of-concepts.☆15May 17, 2025Updated last year
- ☆77Feb 27, 2026Updated 2 months ago
- ☆14Dec 12, 2022Updated 3 years ago
- Sharing my KQL queries for Azure Sentinel☆209May 11, 2026Updated last week
- ☆54Jan 19, 2026Updated 4 months ago
- Package Management (OneGet) provider that facilitates installing Chocolatey packages from any NuGet repository.☆13Oct 23, 2020Updated 5 years ago