KQL queries for Incident Response
☆14Oct 31, 2023Updated 2 years ago
Alternatives and similar repositories for kql_queries
Users that are interested in kql_queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Headers Burp Extension☆19Jun 7, 2023Updated 2 years ago
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker☆12Nov 5, 2024Updated last year
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆13Jan 24, 2026Updated 2 months ago
- Scripte, Befehle und YAMLs für den Youtube-Kanal CSharpDevOps☆16May 22, 2023Updated 2 years ago
- ☆15Apr 17, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- msuserstats is a comprehensive Powershell tool to manage accounts from Microsoft Entra ID and Active Directory. It supports: a unified vi…☆43Mar 13, 2025Updated last year
- Visualize Microsoft Defender XDR process trees and security events☆32Aug 24, 2025Updated 7 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆58Jun 7, 2022Updated 3 years ago
- Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract text…☆12Mar 17, 2026Updated last week
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- ☆72Oct 21, 2024Updated last year
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆28Jul 21, 2025Updated 8 months ago
- Config files for my GitHub profile.☆18Mar 21, 2026Updated last week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Wi-Fi Hacking Workshop☆14Dec 27, 2020Updated 5 years ago
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆24Dec 5, 2025Updated 3 months ago
- Java DNS Post Exploitation Tool☆11Jul 21, 2024Updated last year
- Class☆10Nov 10, 2020Updated 5 years ago
- .NET Project for performing Authenticated Remote Execution☆12Nov 22, 2023Updated 2 years ago
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆198Jan 6, 2026Updated 2 months ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated last year
- ☆22Jun 21, 2022Updated 3 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- Files for the Wi-Fi duck workshop☆12Jan 26, 2020Updated 6 years ago
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆22Oct 6, 2021Updated 4 years ago
- Initial Revision☆16Jun 11, 2018Updated 7 years ago
- Hunting Queries for Defender ATP☆83Dec 14, 2025Updated 3 months ago
- ☆11Dec 8, 2023Updated 2 years ago
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆15Jul 13, 2021Updated 4 years ago
- Automated Phishing Tool☆11May 27, 2020Updated 5 years ago
- Scan git repos for secrets using regex and entropy 🔑☆10Jun 18, 2020Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Tools that can be useful for OSEP exam and PEN300 studies.☆80Mar 14, 2026Updated 2 weeks ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆174Mar 2, 2026Updated 3 weeks ago
- Your Swiss Army knife to analyze malicious web traffic based on mitmproxy.☆64Aug 17, 2025Updated 7 months ago
- BaldHead is a modular and interactive Active Directory (AD) attack framework built for red teamers and security testers. It automates enu…☆110Jun 20, 2025Updated 9 months ago
- Automating the baseline logging settings found here: https://nullsec.us/windows-baseline-logging/☆20Jan 28, 2025Updated last year
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 3 years ago
- Target files to hack☆15Apr 21, 2020Updated 5 years ago