gmellini/Microsoft-Defender-Security-Center-Hunting-Queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

gmellini/Microsoft-Defender-Security-Center-Hunting-Queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/gmellini/Microsoft-Defender-Security-Center-Hunting-Queries)

Close

gmellini / Microsoft-Defender-Security-Center-Hunting-QueriesView on GitHubMore

• External links
• Readme badge

Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview

☆40Apr 8, 2021Updated 4 years ago

Alternatives and similar repositories for Microsoft-Defender-Security-Center-Hunting-Queries

Users that are interested in Microsoft-Defender-Security-Center-Hunting-Queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL

  View on GitHub
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆26Jun 30, 2021Updated 4 years ago
• mr-r3b00t / parse_win_log

  View on GitHub
  ☆14Aug 21, 2022Updated 3 years ago
• jangeisbauer / AdvancedHunting

  View on GitHub
  Advanced Hunting Queries for Microsoft Security Products
  ☆108Jan 10, 2023Updated 3 years ago
• CGCFAD / WDATP-Advanced-Hunting

  View on GitHub
  Windows Defender ATP - Advanced Hunting Queries
  ☆22Apr 12, 2018Updated 7 years ago
• jangeisbauer / gundog

  View on GitHub
  gundog - guided hunting in Microsoft Defender
  ☆52Apr 29, 2021Updated 4 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• Fortigi / ConditionalAccess

  View on GitHub
  ☆21Mar 8, 2021Updated 5 years ago
• tsale / TA_tooling

  View on GitHub
  ☆10Dec 24, 2022Updated 3 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet

  View on GitHub
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆21Jul 1, 2023Updated 2 years ago
• mjmelone / KQL

  View on GitHub
  Michael Melone's Kusto Query library
  ☆20Nov 17, 2023Updated 2 years ago
• fastfire / IsraelPalestineConflict

  View on GitHub
  List of groups that are carrying out cyber actions in the conflict between Israel and Palestine.
  ☆30Apr 23, 2024Updated last year
• gh-andrem / DefenderXDR-AdvancedHunting-KQL

  View on GitHub
  Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)
  ☆12Jan 22, 2026Updated 2 months ago
• ashwin-patil / blue-teaming-with-kql

  View on GitHub
  Repository with Sample KQL Query examples for Threat Hunting
  ☆218Sep 1, 2022Updated 3 years ago
• nettitude / PoshC2_IOCs

  View on GitHub
  A list of IOCs applicable to PoshC2
  ☆24Aug 3, 2020Updated 5 years ago
• Sebmolendijk / mcas-labs

  View on GitHub
  Microsoft Cloud App Security labs
  ☆14Dec 17, 2018Updated 7 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• microsoft / MicrosoftDefenderForEndpoint-API-Python

  View on GitHub
  sample code to MicrosoftDefenderATP API
  ☆27Apr 5, 2021Updated 4 years ago
• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• microsoft / Microsoft-365-Defender-Hunting-Queries

  View on GitHub
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,053Feb 17, 2022Updated 4 years ago
• matthw / malware_analysis

  View on GitHub
  ☆18Mar 26, 2024Updated 2 years ago
• slyd0g / SharpCryptUnprotectData

  View on GitHub
  ☆15Feb 9, 2022Updated 4 years ago
• Sceptive / forgiva-integrator

  View on GitHub
  Core module for Forgiva Enterprise connecting Forgiva Server to Forgiva Webclient.
  ☆13Mar 28, 2022Updated 4 years ago
• miladaslaner / ThreatHunt

  View on GitHub
  ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
  ☆135Jul 25, 2019Updated 6 years ago
• mathieu-benoit / myakscluster

  View on GitHub
  How to setup a secure Kubernetes cluster on Azure
  ☆10Jun 25, 2020Updated 5 years ago
• Azure / MDTI-Solutions

  View on GitHub
  Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
  ☆80Sep 9, 2024Updated last year
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• NVISOsecurity / evtx-hunter

  View on GitHub
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆158Nov 30, 2021Updated 4 years ago
• CTI-Driven / Advanced-Threat-Hunting-Ransomware-Groups-Affiliates

  View on GitHub
  Advanced Threat Hunting: Ransomware Group
  ☆29Jul 9, 2025Updated 8 months ago
• zarkones / ControlSTUDIO

  View on GitHub
  Adversary Simulation Framework
  ☆38Aug 19, 2025Updated 7 months ago
• y3n11 / Captain

  View on GitHub
  Userland API monitor for threat hunting
  ☆58Mar 4, 2020Updated 6 years ago
• openhunting-io / ohcti-malwareinfra

  View on GitHub
  Threat Hunting Malware Infrastructure
  ☆11Dec 3, 2023Updated 2 years ago
• a2awais / Threat-Hunting

  View on GitHub
  Threat Hunting queries of multiple platforms
  ☆64Feb 26, 2026Updated last month
• microsoft / MicrosoftDefenderForEndpoint-PowerBI

  View on GitHub
  A repo for sample MDATP Power BI Templates
  ☆207Jun 15, 2021Updated 4 years ago
• NateHutch365 / Microsoft-Intune

  View on GitHub
  ☆11Mar 20, 2026Updated last week
• fabioharams / azsecurityworkshop

  View on GitHub
  Security Workshop | Azure
  ☆10Jul 28, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• jinweijie / VirtualAP

  View on GitHub
  A tool for start/stop Microsoft Hosted Network Virtual Adapter.
  ☆31Apr 21, 2023Updated 2 years ago
• bentleymi / ChatGPT-4-Splunk

  View on GitHub
  Splunk TA for sending completion requests to ChatGPT
  ☆27May 18, 2024Updated last year
• yasser-alghamdi / winterfell-hunt

  View on GitHub
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Jul 23, 2020Updated 5 years ago
• NC3-LU / Diagnostic

  View on GitHub
  Security diagnostic quick start guide. Identifying the best measures and establishing specific security procedures for your organization.
  ☆11May 29, 2019Updated 6 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated 2 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure

  View on GitHub
  ☆72Oct 21, 2024Updated last year
• MicrosoftDocs / azure-sphere-issues

  View on GitHub
  ☆11Nov 13, 2024Updated last year