Michael Melone's Kusto Query library
☆20Nov 17, 2023Updated 2 years ago
Alternatives and similar repositories for KQL
Users that are interested in KQL are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DEPRECATED -> GO TO https://github.com/microsoft/Microsoft-threat-protection-Hunting-Queries☆20Apr 22, 2020Updated 6 years ago
- Advanced Interactive Security Workshop☆20Dec 28, 2020Updated 5 years ago
- ☆51Jul 7, 2024Updated last year
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…☆26Jun 30, 2021Updated 5 years ago
- Hunting Queries for Defender ATP☆83Apr 1, 2026Updated 3 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- This repository is for public files shared by the Microsoft Information Protection Team☆25Jan 6, 2021Updated 5 years ago
- KQL queries for Advanced Hunting☆176Jan 16, 2020Updated 6 years ago
- M365 Defender SOC Playbooks☆24Feb 6, 2023Updated 3 years ago
- Config files for my GitHub profile.☆10May 1, 2026Updated 2 months ago
- Sigma Queries turned into KQL for Defender using pysigma☆12Mar 29, 2026Updated 3 months ago
- Sentinel BEC IR☆14Aug 18, 2022Updated 3 years ago
- Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant.☆133Feb 10, 2026Updated 4 months ago
- ☆71Apr 20, 2026Updated 2 months ago
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…☆140Jun 24, 2026Updated last week
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Bulk turn on Analytic rules in Azure Sentinel☆18Oct 7, 2021Updated 4 years ago
- Repository with simples C binary samples for beginners REs & Defenders☆10May 29, 2024Updated 2 years ago
- Power BI templates for Exchange Online Protection and Office 365 Advanced Threat Protection reporting☆13Sep 9, 2020Updated 5 years ago
- KQL queries for cyber defense and for solving daily issues☆55Jul 28, 2025Updated 11 months ago
- Manage Engine Decrypter☆28Oct 17, 2022Updated 3 years ago
- My useful KQL and Azure Monitor workbooks (Public)☆117Jun 19, 2026Updated last week
- Random Powershell scripts☆13Feb 13, 2024Updated 2 years ago
- repository containing some nmap scripts☆16Jan 15, 2021Updated 5 years ago
- Create a Word document showing your Sentinel configuration☆14Nov 7, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆40Apr 8, 2021Updated 5 years ago
- KQL Detections for Microsoft Sentinel and Microsoft 365 Defender☆22Nov 15, 2024Updated last year
- various tools for Microsoft Sentinel☆32Jun 17, 2026Updated 2 weeks ago
- ☆38Nov 12, 2024Updated last year
- Microsoft Sentinel SOC Operations☆265Jul 10, 2024Updated last year
- GitHub action for validating Microsoft Sentinel detection rules☆14May 22, 2023Updated 3 years ago
- ☆15Jun 28, 2024Updated 2 years ago
- ☆14Sep 22, 2023Updated 2 years ago
- This script validates the most common Conditional Access policies in Microsoft 365.☆10May 27, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆45Jun 4, 2026Updated 3 weeks ago
- Azure AD Incident Response☆28Oct 8, 2021Updated 4 years ago
- ☆20Sep 27, 2024Updated last year
- Hands-on Security Labs focused on Azure IaaS Security☆62Jan 19, 2020Updated 6 years ago
- Solution to deploy a Sentinel playground demo environment☆58Jun 9, 2023Updated 3 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Jan 8, 2024Updated 2 years ago
- Microsoft Defender Advanced Threat Protection☆49Jan 28, 2026Updated 5 months ago