francoisfried / Defender-Advanced-Hunting-Queries
KQL queries for Microsoft Defender Advanced Hunting organized around the TTPs of the MITRE ATT&CK framework.
☆18 · Nov 7, 2024 · Updated last year
Alternatives and similar repositories for Defender-Advanced-Hunting-Queries
Users that are interested in Defender-Advanced-Hunting-Queries are comparing it to the libraries listed below
- ☆14 · Feb 6, 2026 · Updated last week
- Deploy your DNS configuration using GitHub Actions using DNSControl. ☆11 · Jan 9, 2025 · Updated last year
- Conditional Access baseline for March 2025 ☆12 · Mar 4, 2025 · Updated 11 months ago
- This is a gui interface for airmon-ng ☆14 · Mar 23, 2023 · Updated 2 years ago
- On-Premises Open Cyber Threat Intelligence Platform ☆11 · Oct 29, 2024 · Updated last year
- Engineering Guidance and Standards for the Home Office ☆21 · Feb 4, 2026 · Updated last week
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD ☆10 · Nov 7, 2023 · Updated 2 years ago
- Real-World DevOps Project From Start To Finish, by Packt Publishing ☆14 · Dec 2, 2024 · Updated last year
- ☆14 · Jan 18, 2020 · Updated 6 years ago
- A collection of Ansible automation roles for my homelab. ☆12 · Jan 17, 2025 · Updated last year
- ☆12 · Apr 4, 2024 · Updated last year
- Threat intelligence or Cyber Threat Intelligence is the process of identifying and analyzing gathered information about past, current, an… ☆13 · Feb 18, 2024 · Updated last year
- CVE-2025-64155: Fortinet FortiSIEM Argument Injection to Remote Code Execution ☆30 · Jan 13, 2026 · Updated last month
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of… ☆10 · Dec 22, 2023 · Updated 2 years ago
- Collection of Cyber Threat Intelligence sources from the deep and dark web ☆11 · Sep 21, 2022 · Updated 3 years ago
- a github repo that will be used for teaching bash optimizations in a youtube series ☆10 · Jul 6, 2021 · Updated 4 years ago
- An Ansible playbook that installs Kubernetes ☆14 · Jan 2, 2026 · Updated last month
- ☆48 · Nov 4, 2025 · Updated 3 months ago
- Placeholder for my detection repo and misc detection engineering content ☆42 · Oct 20, 2023 · Updated 2 years ago
- my MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated 9 months ago
- ☆11 · Sep 23, 2017 · Updated 8 years ago
- ☆12 · Aug 5, 2024 · Updated last year
- Ansible script to setup my linux system environment ☆11 · Oct 1, 2025 · Updated 4 months ago
- If you are a security engineer or an aspirant Security professional then Setting up a Wazuh home lab environment is an excellent way for SOC … ☆16 · Mar 27, 2024 · Updated last year
- setting up Mac as much as automatically! ☆11 · Jan 12, 2026 · Updated last month
- Raindrop.io quick search for the terminal and Alfred ☆15 · Nov 6, 2022 · Updated 3 years ago
- Gungnir - Homelab Automation Tool to Guard your very own Asgard ☆16 · Jan 26, 2026 · Updated 2 weeks ago
- Link that! is a very simple self-hosted bookmark manager. ☆15 · Feb 9, 2025 · Updated last year
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… ☆44 · Nov 7, 2020 · Updated 5 years ago
- Programmable dynamic firewall API for Windows platform written in C#. ☆11 · Sep 2, 2022 · Updated 3 years ago
- Open source HIDS tailored for Microsoft Windows and Active Directory ☆29 · Updated this week
- Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace ☆24 · Jul 19, 2023 · Updated 2 years ago
- Fake SMB and SAMR data ☆11 · Oct 27, 2019 · Updated 6 years ago
- A desktop application version of Pluckeye Lockbox. ☆10 · Jul 16, 2023 · Updated 2 years ago
- ⚙️ A ready-to-use template for creating interactive batch scripts. ☆12 · Mar 12, 2025 · Updated 11 months ago
- ☆13 · Feb 6, 2018 · Updated 8 years ago
- Lists all visible objects in the Windows kernel object namespace, a command-line WinObj ☆14 · May 27, 2018 · Updated 7 years ago
- ☆23 · Updated this week
- Collection of playbooks I run in my personal home-lab. ☆14 · Apr 5, 2023 · Updated 2 years ago