Repository of SentinelOne Deep Visibility queries.
☆136Jun 30, 2021Updated 4 years ago
Alternatives and similar repositories for sentinelone-queries
Users that are interested in sentinelone-queries are comparing it to the libraries listed below
Sorting:
- MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity☆92Jan 11, 2021Updated 5 years ago
- Web based S1 query navigator for one-click threat hunting☆25Dec 18, 2020Updated 5 years ago
- ☆71Jun 20, 2023Updated 2 years ago
- SentinelOne STAR Rules☆74Feb 11, 2025Updated last year
- This will be a repository of SentinelOne Deep Visibility queries both the Standard Queries and the Power Queries. Most of these queries w…☆33Oct 15, 2024Updated last year
- PowerShell module for SentinelOne API☆69Jun 26, 2023Updated 2 years ago
- PowerShell module for SentinelOne API☆28Mar 8, 2021Updated 5 years ago
- Beginners Guide to Hunting for Threats☆18Apr 26, 2025Updated 10 months ago
- ☆14Oct 24, 2024Updated last year
- PowerShell wrapper for the SentinelOne API☆10Jan 4, 2025Updated last year
- Rules generated from our investigations.☆204Jun 17, 2025Updated 9 months ago
- Contains research.splunk.com site code☆11Apr 10, 2024Updated last year
- Some Python SentinelOne API request examples and UI☆16May 16, 2018Updated 7 years ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆26Oct 3, 2023Updated 2 years ago
- Remote access and Antivirus Logging Database☆45Apr 28, 2024Updated last year
- ☆17Jan 22, 2026Updated last month
- A little tool to filter the stranger strings from a binary so you can analyze the good ones☆54Sep 11, 2025Updated 6 months ago
- ☆16Aug 29, 2025Updated 6 months ago
- Detection rules and threat hunting queries in Defender XDR and Azure Sentinel☆16Updated this week
- ☆48Mar 8, 2026Updated last week
- Actionable data for Security Operations☆19Aug 26, 2021Updated 4 years ago
- Defence Against the Dark Arts☆34Sep 15, 2019Updated 6 years ago
- Main Sigma Rule Repository☆10,203Updated this week
- ☆72Oct 21, 2024Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆69Mar 17, 2024Updated 2 years ago
- ☆2,390Oct 14, 2023Updated 2 years ago
- Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-2…☆99Mar 16, 2021Updated 5 years ago
- Signature engine for all your logs☆172Nov 13, 2023Updated 2 years ago
- Project to Support The Hunter's Framework (THF)☆11Apr 16, 2024Updated last year
- Personal settings for X-Ways Forensics☆32Apr 28, 2022Updated 3 years ago
- CyLR - Live Response Collection Tool☆714Jun 1, 2022Updated 3 years ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆804Jan 14, 2026Updated 2 months ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Sep 25, 2018Updated 7 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆30Mar 2, 2021Updated 5 years ago
- Detection Ideas & Rules repository.☆178Sep 10, 2021Updated 4 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,501Jan 12, 2026Updated 2 months ago
- Rules Shared by the Community from 100 Days of YARA 2023 -☆18Apr 10, 2023Updated 2 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆58Mar 2, 2025Updated last year