KQL queries for Incident Response
☆14Oct 31, 2023Updated 2 years ago
Alternatives and similar repositories for kql_queries
Users that are interested in kql_queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Headers Burp Extension☆19Jun 7, 2023Updated 2 years ago
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker☆12Nov 5, 2024Updated last year
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆13Jan 24, 2026Updated 3 months ago
- Vigil - an ever improving 100% OpenSource AI system for security☆144Updated this week
- Scripte, Befehle und YAMLs für den Youtube-Kanal CSharpDevOps☆16May 22, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆15Apr 17, 2020Updated 6 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆43Mar 13, 2025Updated last year
- Visualize Microsoft Defender XDR process trees and security events☆33Aug 24, 2025Updated 8 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆59Jun 7, 2022Updated 3 years ago
- Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract text…☆12Apr 21, 2026Updated 2 weeks ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- ☆72Oct 21, 2024Updated last year
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆30Jul 21, 2025Updated 9 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Config files for my GitHub profile.☆18Mar 21, 2026Updated last month
- Wi-Fi Hacking Workshop☆14Dec 27, 2020Updated 5 years ago
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆25Apr 30, 2026Updated last week
- Java DNS Post Exploitation Tool☆11Jul 21, 2024Updated last year
- Class☆10Nov 10, 2020Updated 5 years ago
- .NET Project for performing Authenticated Remote Execution☆12Nov 22, 2023Updated 2 years ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆202Jan 6, 2026Updated 4 months ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆22Jun 21, 2022Updated 3 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- Files for the Wi-Fi duck workshop☆12Jan 26, 2020Updated 6 years ago
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆23Oct 6, 2021Updated 4 years ago
- Initial Revision☆16Jun 11, 2018Updated 7 years ago
- ☆11Dec 8, 2023Updated 2 years ago
- Hunting Queries for Defender ATP☆83Apr 1, 2026Updated last month
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆15Jul 13, 2021Updated 4 years ago
- Automated Phishing Tool☆11May 27, 2020Updated 5 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Scan git repos for secrets using regex and entropy 🔑☆10Jun 18, 2020Updated 5 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆179Mar 2, 2026Updated 2 months ago
- Your Swiss Army knife to analyze malicious web traffic based on mitmproxy.☆65Aug 17, 2025Updated 8 months ago
- BaldHead is a modular and interactive Active Directory (AD) attack framework built for red teamers and security testers. It automates enu…☆110Apr 11, 2026Updated 3 weeks ago
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆20Jan 28, 2025Updated last year
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 4 years ago
- Target files to hack☆15Apr 21, 2020Updated 6 years ago