gmellini/Microsoft-Defender-Security-Center-Hunting-Queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

gmellini/Microsoft-Defender-Security-Center-Hunting-Queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/gmellini/Microsoft-Defender-Security-Center-Hunting-Queries)

Close

gmellini / Microsoft-Defender-Security-Center-Hunting-QueriesView on GitHubMore

• External links
• Readme badge

Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview

☆40Apr 8, 2021Updated 5 years ago

Alternatives and similar repositories for Microsoft-Defender-Security-Center-Hunting-Queries

Users that are interested in Microsoft-Defender-Security-Center-Hunting-Queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• RoqueNight / DefenderATP-Proactive-Threat-Hunting-Queries-KQL

  View on GitHub
  List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…
  ☆26Jun 30, 2021Updated 4 years ago
• mr-r3b00t / parse_win_log

  View on GitHub
  ☆14Aug 21, 2022Updated 3 years ago
• jangeisbauer / AdvancedHunting

  View on GitHub
  Advanced Hunting Queries for Microsoft Security Products
  ☆108Jan 10, 2023Updated 3 years ago
• CGCFAD / WDATP-Advanced-Hunting

  View on GitHub
  Windows Defender ATP - Advanced Hunting Queries
  ☆22Apr 12, 2018Updated 8 years ago
• jangeisbauer / gundog

  View on GitHub
  gundog - guided hunting in Microsoft Defender
  ☆52Apr 29, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Fortigi / ConditionalAccess

  View on GitHub
  ☆21Mar 8, 2021Updated 5 years ago
• tsale / TA_tooling

  View on GitHub
  ☆10Dec 24, 2022Updated 3 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet

  View on GitHub
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆21Jul 1, 2023Updated 2 years ago
• WithSecureLabs / lazarus-sigma-rules

  View on GitHub
  ☆19Oct 23, 2020Updated 5 years ago
• mjmelone / KQL

  View on GitHub
  Michael Melone's Kusto Query library
  ☆20Nov 17, 2023Updated 2 years ago
• gh-andrem / DefenderXDR-AdvancedHunting-KQL

  View on GitHub
  Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)
  ☆13Updated this week
• fastfire / IsraelPalestineConflict

  View on GitHub
  List of groups that are carrying out cyber actions in the conflict between Israel and Palestine.
  ☆31Apr 23, 2024Updated last year
• ashwin-patil / blue-teaming-with-kql

  View on GitHub
  Repository with Sample KQL Query examples for Threat Hunting
  ☆218Sep 1, 2022Updated 3 years ago
• nettitude / PoshC2_IOCs

  View on GitHub
  A list of IOCs applicable to PoshC2
  ☆24Aug 3, 2020Updated 5 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Sebmolendijk / mcas-labs

  View on GitHub
  Microsoft Cloud App Security labs
  ☆14Dec 17, 2018Updated 7 years ago
• microsoft / MicrosoftDefenderForEndpoint-API-Python

  View on GitHub
  sample code to MicrosoftDefenderATP API
  ☆27Apr 5, 2021Updated 5 years ago
• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• matthw / malware_analysis

  View on GitHub
  ☆18Mar 26, 2024Updated 2 years ago
• microsoft / Microsoft-365-Defender-Hunting-Queries

  View on GitHub
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,057Feb 17, 2022Updated 4 years ago
• slyd0g / SharpCryptUnprotectData

  View on GitHub
  ☆15Feb 9, 2022Updated 4 years ago
• Sceptive / forgiva-integrator

  View on GitHub
  Core module for Forgiva Enterprise connecting Forgiva Server to Forgiva Webclient.
  ☆13Mar 28, 2022Updated 4 years ago
• miladaslaner / ThreatHunt

  View on GitHub
  ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.
  ☆135Jul 25, 2019Updated 6 years ago
• mathieu-benoit / myakscluster

  View on GitHub
  How to setup a secure Kubernetes cluster on Azure
  ☆10Jun 25, 2020Updated 5 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• Azure / MDTI-Solutions

  View on GitHub
  Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
  ☆81Sep 9, 2024Updated last year
• NVISOsecurity / evtx-hunter

  View on GitHub
  evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
  ☆158Nov 30, 2021Updated 4 years ago
• zarkones / ControlSTUDIO

  View on GitHub
  Adversary Simulation Framework
  ☆40Aug 19, 2025Updated 8 months ago
• CTI-Driven / Advanced-Threat-Hunting-Ransomware-Groups-Affiliates

  View on GitHub
  Advanced Threat Hunting: Ransomware Group
  ☆28Jul 9, 2025Updated 9 months ago
• y3n11 / Captain

  View on GitHub
  Userland API monitor for threat hunting
  ☆58Mar 4, 2020Updated 6 years ago
• openhunting-io / ohcti-malwareinfra

  View on GitHub
  Threat Hunting Malware Infrastructure
  ☆11Dec 3, 2023Updated 2 years ago
• a2awais / Threat-Hunting

  View on GitHub
  Threat Hunting queries of multiple platforms
  ☆63Updated this week
• microsoft / MicrosoftDefenderForEndpoint-PowerBI

  View on GitHub
  A repo for sample MDATP Power BI Templates
  ☆208Jun 15, 2021Updated 4 years ago
• fabioharams / azsecurityworkshop

  View on GitHub
  Security Workshop | Azure
  ☆10Jul 28, 2020Updated 5 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• NateHutch365 / Microsoft-Intune

  View on GitHub
  ☆14Mar 20, 2026Updated last month
• jinweijie / VirtualAP

  View on GitHub
  A tool for start/stop Microsoft Hosted Network Virtual Adapter.
  ☆31Apr 21, 2023Updated 3 years ago
• 360quake / CobaltStrike-JARM

  View on GitHub
  ☆21Dec 22, 2020Updated 5 years ago
• bentleymi / ChatGPT-4-Splunk

  View on GitHub
  Splunk TA for sending completion requests to ChatGPT
  ☆27May 18, 2024Updated last year
• yasser-alghamdi / winterfell-hunt

  View on GitHub
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆15Jul 23, 2020Updated 5 years ago
• NC3-LU / Diagnostic

  View on GitHub
  Security diagnostic quick start guide. Identifying the best measures and establishing specific security procedures for your organization.
  ☆11May 29, 2019Updated 6 years ago
• StefanKelm / yara-rules

  View on GitHub
  Links to malware-related YARA rules
  ☆15Sep 29, 2022Updated 3 years ago