KQL queries for Microsoft Defender Advanced Hunting organized around the TTPs of the MITRE ATT&CK framework.
☆18, Nov 7, 2024, updated last year
Alternatives and similar repositories for Defender-Advanced-Hunting-Queries
Users who are interested in Defender-Advanced-Hunting-Queries are comparing it to the repositories listed below.
- ☆14, Feb 6, 2026, updated 3 weeks ago
- Engineering Guidance and Standards for the Home Office (☆21, updated this week)
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD (☆10, Nov 7, 2023, updated 2 years ago)
- Deploy your DNS configuration using GitHub Actions and DNSControl. (☆11, Feb 19, 2026, updated 2 weeks ago)
- This is a GUI interface for airmon-ng (☆14, Mar 23, 2023, updated 2 years ago)
- On-Premises Open Cyber Threat Intelligence Platform (☆11, Oct 29, 2024, updated last year)
- Conditional Access baseline for March 2025 (☆12, Mar 4, 2025, updated last year)
- An Ansible playbook that installs Kubernetes (☆14, Jan 2, 2026, updated 2 months ago)
- Real-World DevOps Project From Start To Finish, by Packt Publishing (☆14, Dec 2, 2024, updated last year)
- ☆12, Apr 4, 2024, updated last year
- ☆14, Jan 18, 2020, updated 6 years ago
- Collection of Cyber Threat Intelligence sources from the deep and dark web (☆11, Sep 21, 2022, updated 3 years ago)
- A collection of Ansible automation roles for my homelab. (☆12, Jan 17, 2025, updated last year)
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… (☆10, Dec 22, 2023, updated 2 years ago)
- Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, an… (☆13, Feb 18, 2024, updated 2 years ago)
- CVE-2025-64155: Fortinet FortiSIEM Argument Injection to Remote Code Execution (☆31, Jan 13, 2026, updated last month)
- A GitHub repo that will be used for teaching bash optimizations in a YouTube series (☆10, Jul 6, 2021, updated 4 years ago)
- ☆49, Feb 15, 2026, updated 2 weeks ago
- Placeholder for my detection repo and misc detection engineering content (☆42, Oct 20, 2023, updated 2 years ago)
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… (☆44, Nov 7, 2020, updated 5 years ago)
- Ansible script to set up my Linux system environment (☆11, Oct 1, 2025, updated 5 months ago)
- ☆12, Aug 5, 2024, updated last year
- Open source HIDS tailored for Microsoft Windows and Active Directory (☆29, Feb 13, 2026, updated 3 weeks ago)
- Raindrop.io quick search for the terminal and Alfred (☆15, Nov 6, 2022, updated 3 years ago)
- Setting up a Mac as automatically as possible! (☆11, Feb 24, 2026, updated last week)
- Link that! is a very simple self-hosted bookmark manager. (☆15, Feb 9, 2025, updated last year)
- Fake SMB and SAMR data (☆11, Oct 27, 2019, updated 6 years ago)
- Gungnir - Homelab Automation Tool to Guard your very own Asgard (☆16, Jan 26, 2026, updated last month)
- My MSTICpy practice and custom tools repository (☆11, Apr 23, 2025, updated 10 months ago)
- If you are a security engineer or an aspiring security professional, then setting up a Wazuh home lab environment is an excellent way for SOC … (☆17, Mar 27, 2024, updated last year)
- Programmable dynamic firewall API for the Windows platform written in C#. (☆11, Sep 2, 2022, updated 3 years ago)
- ☆11, Sep 23, 2017, updated 8 years ago
- ☆13, Feb 6, 2018, updated 8 years ago
- ☆10, Oct 25, 2020, updated 5 years ago
- Collection of playbooks I run in my personal home lab. (☆14, Apr 5, 2023, updated 2 years ago)
- All TMF files that I extracted from Microsoft PDBs. (☆14, Jun 29, 2019, updated 6 years ago)
- ☆18, Oct 2, 2025, updated 5 months ago
- Repository for Ludus French templates (☆21, updated this week)
- Lab4PurpleSec is a modular Purple Team homelab combining a vulnerable Active Directory environment (GOAD), a Docker-based web DMZ, pfSens… (☆21, Dec 31, 2025, updated 2 months ago)