KQL queries for Incident Response
☆14Oct 31, 2023Updated 2 years ago
Alternatives and similar repositories for kql_queries
Users that are interested in kql_queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Headers Burp Extension☆19Jun 7, 2023Updated 2 years ago
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker☆12Nov 5, 2024Updated last year
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆13Jan 24, 2026Updated 2 months ago
- Vigil - an ever improving 100% OpenSource AI system for security☆124Updated this week
- Scripte, Befehle und YAMLs für den Youtube-Kanal CSharpDevOps☆16May 22, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆15Apr 17, 2020Updated 6 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆43Mar 13, 2025Updated last year
- Visualize Microsoft Defender XDR process trees and security events☆33Aug 24, 2025Updated 7 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆58Jun 7, 2022Updated 3 years ago
- Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract text…☆12Mar 17, 2026Updated last month
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- ☆72Oct 21, 2024Updated last year
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆29Jul 21, 2025Updated 8 months ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Config files for my GitHub profile.☆18Mar 21, 2026Updated 3 weeks ago
- Wi-Fi Hacking Workshop☆14Dec 27, 2020Updated 5 years ago
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆24Dec 5, 2025Updated 4 months ago
- Java DNS Post Exploitation Tool☆11Jul 21, 2024Updated last year
- Class☆10Nov 10, 2020Updated 5 years ago
- .NET Project for performing Authenticated Remote Execution☆12Nov 22, 2023Updated 2 years ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆201Jan 6, 2026Updated 3 months ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆22Jun 21, 2022Updated 3 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- Files for the Wi-Fi duck workshop☆12Jan 26, 2020Updated 6 years ago
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆23Oct 6, 2021Updated 4 years ago
- Initial Revision☆16Jun 11, 2018Updated 7 years ago
- ☆11Dec 8, 2023Updated 2 years ago
- Hunting Queries for Defender ATP☆83Apr 1, 2026Updated 2 weeks ago
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆15Jul 13, 2021Updated 4 years ago
- Automated Phishing Tool☆11May 27, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Scan git repos for secrets using regex and entropy 🔑☆10Jun 18, 2020Updated 5 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆176Mar 2, 2026Updated last month
- Your Swiss Army knife to analyze malicious web traffic based on mitmproxy.☆65Aug 17, 2025Updated 8 months ago
- BaldHead is a modular and interactive Active Directory (AD) attack framework built for red teamers and security testers. It automates enu…☆110Apr 11, 2026Updated last week
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆20Jan 28, 2025Updated last year
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 3 years ago
- Target files to hack☆15Apr 21, 2020Updated 5 years ago