gmellini/Microsoft-Defender-Security-Center-Hunting-Queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

gmellini/Microsoft-Defender-Security-Center-Hunting-Queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/gmellini/Microsoft-Defender-Security-Center-Hunting-Queries)

Close

gmellini / Microsoft-Defender-Security-Center-Hunting-QueriesView on GitHubMore

• External links
• Readme badge

Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview

☆40Apr 8, 2021Updated 5 years ago

Alternatives and similar repositories for Microsoft-Defender-Security-Center-Hunting-Queries

Users that are interested in Microsoft-Defender-Security-Center-Hunting-Queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mr-r3b00t / parse_win_log

  View on GitHub
  ☆14Aug 21, 2022Updated 3 years ago
• jangeisbauer / AdvancedHunting

  View on GitHub
  Advanced Hunting Queries for Microsoft Security Products
  ☆108Jan 10, 2023Updated 3 years ago
• HaitchNull / WDATP-Advanced-Hunting

  View on GitHub
  Windows Defender ATP - Advanced Hunting Queries
  ☆22Apr 12, 2018Updated 8 years ago
• jangeisbauer / gundog

  View on GitHub
  gundog - guided hunting in Microsoft Defender
  ☆52Apr 29, 2021Updated 5 years ago
• Fortigi / ConditionalAccess

  View on GitHub
  ☆21Mar 8, 2021Updated 5 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• tsale / TA_tooling

  View on GitHub
  ☆10Dec 24, 2022Updated 3 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet

  View on GitHub
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆21Jul 1, 2023Updated 2 years ago
• mjmelone / KQL

  View on GitHub
  Michael Melone's Kusto Query library
  ☆20Nov 17, 2023Updated 2 years ago
• WithSecureLabs / lazarus-sigma-rules

  View on GitHub
  ☆20Oct 23, 2020Updated 5 years ago
• gh-andrem / DefenderXDR-AdvancedHunting-KQL

  View on GitHub
  Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)
  ☆13Apr 20, 2026Updated 3 weeks ago
• fastfire / IsraelPalestineConflict

  View on GitHub
  List of groups that are carrying out cyber actions in the conflict between Israel and Palestine.
  ☆31Apr 23, 2024Updated 2 years ago
• ashwin-patil / blue-teaming-with-kql

  View on GitHub
  Repository with Sample KQL Query examples for Threat Hunting
  ☆218Sep 1, 2022Updated 3 years ago
• nettitude / PoshC2_IOCs

  View on GitHub
  A list of IOCs applicable to PoshC2
  ☆24Aug 3, 2020Updated 5 years ago
• Sebmolendijk / mcas-labs

  View on GitHub
  Microsoft Cloud App Security labs
  ☆14Dec 17, 2018Updated 7 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• microsoft / Microsoft-365-Defender-Hunting-Queries

  View on GitHub
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,065Feb 17, 2022Updated 4 years ago
• matthw / malware_analysis

  View on GitHub
  ☆18Mar 26, 2024Updated 2 years ago
• slyd0g / SharpCryptUnprotectData

  View on GitHub
  ☆15Feb 9, 2022Updated 4 years ago
• Azure / MDTI-Solutions

  View on GitHub
  Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
  ☆82Sep 9, 2024Updated last year
• NVISOsecurity / evtx-hunter

  View on GitHub
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆158Nov 30, 2021Updated 4 years ago
• y3n11 / Captain

  View on GitHub
  Userland API monitor for threat hunting
  ☆58Mar 4, 2020Updated 6 years ago
• openhunting-io / ohcti-malwareinfra

  View on GitHub
  Threat Hunting Malware Infrastructure
  ☆11Dec 3, 2023Updated 2 years ago
• a2awais / Threat-Hunting

  View on GitHub
  Threat Hunting queries of multiple platforms
  ☆68Apr 30, 2026Updated 2 weeks ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• microsoft / MicrosoftDefenderForEndpoint-PowerBI

  View on GitHub
  A repo for sample MDATP Power BI Templates
  ☆208Jun 15, 2021Updated 4 years ago
• NateHutch365 / Microsoft-Intune

  View on GitHub
  ☆14Mar 20, 2026Updated last month
• jinweijie / VirtualAP

  View on GitHub
  A tool for start/stop Microsoft Hosted Network Virtual Adapter.
  ☆31Apr 21, 2023Updated 3 years ago
• 360quake / CobaltStrike-JARM

  View on GitHub
  ☆21Dec 22, 2020Updated 5 years ago
• bentleymi / ChatGPT-4-Splunk

  View on GitHub
  Splunk TA for sending completion requests to ChatGPT
  ☆27May 18, 2024Updated 2 years ago
• NC3-LU / Diagnostic

  View on GitHub
  Security diagnostic quick start guide. Identifying the best measures and establishing specific security procedures for your organization.
  ☆11May 29, 2019Updated 6 years ago
• StefanKelm / yara-rules

  View on GitHub
  Links to malware-related YARA rules
  ☆15Sep 29, 2022Updated 3 years ago
• wsummerhill / IPv4Fuscation-Encrypted

  View on GitHub
  ☆20Mar 21, 2024Updated 2 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure

  View on GitHub
  ☆72Oct 21, 2024Updated last year
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• MicrosoftDocs / azure-sphere-issues

  View on GitHub
  ☆11Nov 13, 2024Updated last year
• 0xThiebaut / PCAPeek

  View on GitHub
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆24May 21, 2023Updated 2 years ago
• eshlomo1 / Azure-AD-Incident-Response

  View on GitHub
  Azure AD Incident Response
  ☆28Oct 8, 2021Updated 4 years ago
• 3CORESec / SIEGMA

  View on GitHub
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆159Mar 10, 2025Updated last year
• palantir / exploitguard

  View on GitHub
  Documentation and supporting script sample for Windows Exploit Guard
  ☆168Sep 8, 2025Updated 8 months ago
• garybushey / SentinelConfigurationToWord

  View on GitHub
  Create a Word document showing your Sentinel configuration
  ☆14Nov 7, 2023Updated 2 years ago
• reprise99 / kql-for-dfir

  View on GitHub
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆124May 16, 2022Updated 4 years ago