KQL queries for Incident Response
☆14Oct 31, 2023Updated 2 years ago
Alternatives and similar repositories for kql_queries
Users that are interested in kql_queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Headers Burp Extension☆19Jun 7, 2023Updated 2 years ago
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker☆12Nov 5, 2024Updated last year
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆13Jan 24, 2026Updated 4 months ago
- Scripte, Befehle und YAMLs für den Youtube-Kanal CSharpDevOps☆16May 22, 2023Updated 3 years ago
- ☆15Apr 17, 2020Updated 6 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Vigil - an ever improving 100% OpenSource AI system for security☆168Updated this week
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆43Mar 13, 2025Updated last year
- Visualize Microsoft Defender XDR process trees and security events☆33Aug 24, 2025Updated 9 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆59Jun 7, 2022Updated 3 years ago
- Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract text…☆12May 19, 2026Updated last week
- A dataset with CloudTrail events from an attack simulation using Stratus.☆26Jul 12, 2023Updated 2 years ago
- ☆72Oct 21, 2024Updated last year
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆30Jul 21, 2025Updated 10 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Config files for my GitHub profile.☆18Mar 21, 2026Updated 2 months ago
- Wi-Fi Hacking Workshop☆14Dec 27, 2020Updated 5 years ago
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆25May 19, 2026Updated last week
- Java DNS Post Exploitation Tool☆11Jul 21, 2024Updated last year
- Class☆10Nov 10, 2020Updated 5 years ago
- .NET Project for performing Authenticated Remote Execution�☆12Nov 22, 2023Updated 2 years ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆201Jan 6, 2026Updated 4 months ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆22Jun 21, 2022Updated 3 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated 2 years ago
- Files for the Wi-Fi duck workshop☆12Jan 26, 2020Updated 6 years ago
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆23Oct 6, 2021Updated 4 years ago
- Initial Revision☆16Jun 11, 2018Updated 7 years ago
- ☆11Dec 8, 2023Updated 2 years ago
- Hunting Queries for Defender ATP☆83Apr 1, 2026Updated last month
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆15Jul 13, 2021Updated 4 years ago
- Automated Phishing Tool☆11May 27, 2020Updated 6 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Scan git repos for secrets using regex and entropy 🔑☆10Jun 18, 2020Updated 5 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆181Mar 2, 2026Updated 2 months ago
- Your Swiss Army knife to analyze malicious web traffic based on mitmproxy.☆65Aug 17, 2025Updated 9 months ago
- BaldHead is a modular and interactive Active Directory (AD) attack framework built for red teamers and security testers. It automates enu…☆109Apr 11, 2026Updated last month
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆20Jan 28, 2025Updated last year
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 4 years ago
- Target files to hack☆15Apr 21, 2020Updated 6 years ago