Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: kql
NeilMacMullen/kusto-loco
C# KQL query engine with flexible I/O layers and visualization
Language: C# - Size: 2.1 MB - Last synced: about 5 hours ago - Pushed: about 23 hours ago - Stars: 21 - Forks: 0
ep3p/Sentinel_KQL
In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (a SIEM tool).
Size: 3.5 MB - Last synced: about 8 hours ago - Pushed: about 9 hours ago - Stars: 92 - Forks: 19
jostuffl/AzureSentinel_Stuff
A collection of things I've created or found that I think is useful for Azure Sentinel.
Language: Jupyter Notebook - Size: 9.82 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 12 - Forks: 2
LearningKijo/KQL
Threat hunting queries for Microsoft 365 Defender / XDR. Provides out-of-the-box KQL hunting queries for App, Email, Identity and Endpoint.
Size: 7.21 MB - Last synced: about 7 hours ago - Pushed: 2 months ago - Stars: 407 - Forks: 70
thomas-touhey/kaquel
Tools for handling ElasticSearch queries in various languages (Gitlab.com mirror).
Language: Python - Size: 155 KB - Last synced: 3 days ago - Pushed: 4 days ago - Stars: 0 - Forks: 0
gh-andrem/DefenderXDR-AdvancedHunting
Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)
Language: PowerShell - Size: 99.6 KB - Last synced: 5 days ago - Pushed: 5 days ago - Stars: 7 - Forks: 0
f-bader/AzSentinelQueries
Repository with Sentinel Analytics Rules and Hunting Queries
Size: 3.17 MB - Last synced: 6 days ago - Pushed: 6 days ago - Stars: 59 - Forks: 13
alexverboon/Hunting-Queries-Detection-Rules
KQL Queries. Microsoft 365 Defender, Microsoft Sentinel
Size: 134 KB - Last synced: 6 days ago - Pushed: 7 days ago - Stars: 78 - Forks: 7
alexverboon/MDATP
Microsoft Defender XDR - Resource Hub
Language: PowerShell - Size: 1.21 MB - Last synced: about 5 hours ago - Pushed: 5 months ago - Stars: 450 - Forks: 59
Azure/tsi2rti
CMF Analytics scenario TSI to ADX or Fabric RTI migration tools
Language: PowerShell - Size: 16.6 MB - Last synced: 1 day ago - Pushed: 7 days ago - Stars: 0 - Forks: 2
b4fun/ku
Toolkit for collecting and exploring logs using a pipelined query language and sqlite.
Language: TypeScript - Size: 4.62 MB - Last synced: 9 days ago - Pushed: 9 days ago - Stars: 6 - Forks: 0
McL0vinn/MicrosoftDefender-Egregor
Custom-made query which you can run in the Microsoft Defender Advanced Hunting tool to look for network activity related to Egregor ransomware.
Size: 5.86 KB - Last synced: 10 days ago - Pushed: over 3 years ago - Stars: 0 - Forks: 0
rod-trent/Copilot-for-Security
My personal work with Copilot for Security
Language: HTML - Size: 16.1 MB - Last synced: 19 days ago - Pushed: 20 days ago - Stars: 76 - Forks: 14
0xAnalyst/DefenderATPQueries
Hunting Queries for Defender ATP
Size: 172 KB - Last synced: 18 days ago - Pushed: 18 days ago - Stars: 47 - Forks: 5
cyb3rmik3/KQL-threat-hunting-queries
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
Size: 285 KB - Last synced: 18 days ago - Pushed: 18 days ago - Stars: 441 - Forks: 50
weeyin83/KQL-queries
KQL Queries
Size: 4.88 KB - Last synced: 19 days ago - Pushed: 19 days ago - Stars: 0 - Forks: 0
Bert-JanP/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Language: Python - Size: 550 KB - Last synced: 19 days ago - Pushed: 19 days ago - Stars: 1,020 - Forks: 185
H1dd3n00b/KQL-Threat-Hunting
This repository contains a selection of Kusto Query Language (KQL) queries designed for proactive threat hunting. Aligned with the MITRE ATT&CK framework, these queries are crafted to detect and address potential threats effectively.
Size: 45.9 KB - Last synced: 20 days ago - Pushed: 20 days ago - Stars: 0 - Forks: 0
AbhinavJ-data/Conference-Sessions
Technical content and slides from conference sessions presented by Abhi Jayanty
Size: 42.3 MB - Last synced: 19 days ago - Pushed: 20 days ago - Stars: 1 - Forks: 0
0fflineDocs/KQL
KQL Queries, Microsoft 365 Security
Size: 211 KB - Last synced: 21 days ago - Pushed: 21 days ago - Stars: 5 - Forks: 0
FalconForceTeam/FalconFriday
Hunting queries and detections
Size: 165 KB - Last synced: 12 days ago - Pushed: 2 months ago - Stars: 658 - Forks: 72
getkirby/kql
Kirby's Query Language API combines the flexibility of Kirby's data structures, the power of GraphQL and the simplicity of REST.
Language: PHP - Size: 194 KB - Last synced: 5 days ago - Pushed: 7 months ago - Stars: 141 - Forks: 5
beatrizfriso/KQLQueryQuest
Your self-guide to crafting better queries. Uncover tips, tricks, and insights to level up your KQL skills 🚀
Size: 7.81 KB - Last synced: 26 days ago - Pushed: 27 days ago - Stars: 0 - Forks: 0
teznadzn/KQLQueries
Curated collection of Kusto Query Language (KQL) queries built during my experience as a SOC analyst in primarily a Microsoft environment.
Size: 45.9 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 0 - Forks: 0
azure-scavengers/Azure-Unused-Orphan-CostOptimization
This project aims to deliver cost savings to Azure consumers by identifying unused or idle orphan resources using Azure Cost Optimization best practices. Costly resources such as Application Gateway, App Service plan, PowerBI Embedded capacity, SQL database, Cosmos DB, Storage, etc. can be assessed.
Size: 140 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 4 - Forks: 3
cyb3rmik3/MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.
Size: 94.7 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 269 - Forks: 31
Seddryck/Kusto-session
Session about the Kusto query language that you can find in Azure tools such as Azure Data explorer (ADX) but also Azure Time Series Insights.
Language: Jupyter Notebook - Size: 1.74 MB - Last synced: about 1 month ago - Pushed: 3 months ago - Stars: 0 - Forks: 0
Dobatymo/kibana-ql-python
Parser for the Kibana Query Language (KQL)
Language: Python - Size: 7.81 KB - Last synced: about 1 month ago - Pushed: about 1 year ago - Stars: 1 - Forks: 0
cylaris/awesomekql
Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
Size: 163 KB - Last synced: 22 days ago - Pushed: 11 months ago - Stars: 44 - Forks: 5
geekzter/azure-governance
Azure Governance - bits & pieces
Language: HCL - Size: 35.2 KB - Last synced: about 2 months ago - Pushed: over 2 years ago - Stars: 1 - Forks: 2
miztiik/send-vm-logs-to-azure-monitor
Collect, Transform and Load custom logs to Azure Log Analytics Workspace
Language: Bicep - Size: 659 KB - Last synced: about 2 months ago - Pushed: about 1 year ago - Stars: 1 - Forks: 1
miztiik/azure-alert-on-custom-metrics
Use custom logs from an Azure VM to monitor resources and alert on events
Language: Bicep - Size: 439 KB - Last synced: about 2 months ago - Pushed: about 1 year ago - Stars: 0 - Forks: 1
lawndoc/AdvancedHuntingQueries
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
Size: 299 KB - Last synced: about 1 month ago - Pushed: 7 months ago - Stars: 94 - Forks: 12
netevert/sentinel-attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Language: HCL - Size: 43.1 MB - Last synced: about 2 months ago - Pushed: 9 months ago - Stars: 1,037 - Forks: 206
Aloshi/kql-parser
Python parser for Kibana Query Language (KQL).
Language: Python - Size: 19.5 KB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 4 - Forks: 0
globalbao/azure-resource-graph
Collection of Azure Resource Graph queries for use in Portal and via PowerShell - by @JesseLoudon
Size: 63.5 KB - Last synced: about 2 months ago - Pushed: over 1 year ago - Stars: 56 - Forks: 21
teznadzn/SOCEntityTriageWorkbook
The SOC Entity Triage workbook is designed to enhance the triage process for security operation centers (SOCs) by providing a comprehensive and interactive analysis tool within Azure Sentinel. This workbook aims to streamline the investigation of entities such as IP addresses, hostnames, AD users, and email accounts.
Size: 48.8 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 0 - Forks: 0
ashwin-patil/blue-teaming-with-kql
Repository with Sample KQL Query examples for Threat Hunting
Size: 21.6 MB - Last synced: 3 months ago - Pushed: almost 2 years ago - Stars: 189 - Forks: 37
matsest/az-resource-graph
Azure Resource Graph learnings with Azure PowerShell, Azure CLI and VS Code
Language: PowerShell - Size: 6.84 KB - Last synced: about 1 month ago - Pushed: 3 months ago - Stars: 0 - Forks: 0
microsoft/Fabric-RTA-FlightStream
Microsoft Fabric Real-time Analytics flight streaming
Language: Jupyter Notebook - Size: 1.04 MB - Last synced: 2 months ago - Pushed: 4 months ago - Stars: 14 - Forks: 2
wortell/KQL 📦
KQL queries for Advanced Hunting
Size: 39.1 KB - Last synced: 3 months ago - Pushed: over 4 years ago - Stars: 165 - Forks: 48
jischell-msft/RemoteManagementMonitoringTools
Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
Language: PowerShell - Size: 165 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 61 - Forks: 5
dotvt/SecurityMaster365
Resources that are necessary for, or that facilitate, securing your Microsoft 365 environment.
Size: 166 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 2 - Forks: 0
Vladimir-Rom/gokql
Golang interpreter for the Kibana Query Language (KQL)
Language: Go - Size: 77.1 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 6 - Forks: 0
back1ply/8-Week-SQL-Challenge
Solving the 8 Week SQL Challenge using m-code, KQL.
Size: 138 KB - Last synced: 4 months ago - Pushed: 4 months ago - Stars: 0 - Forks: 0
Azure/pykusto
Query Kusto like a pro from the comfort of your Jupyter notebook
Language: Python - Size: 638 KB - Last synced: 7 days ago - Pushed: over 1 year ago - Stars: 30 - Forks: 8
EEN421/KQL-Queries
Ian Hanley's deceptively simple KQL queries.
Size: 124 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 38 - Forks: 7
xFFninja/happy_threat_hunting
Threat Hunting
Size: 22.5 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 6 - Forks: 1
Cyb3r-Monk/Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
Language: Jupyter Notebook - Size: 316 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 500 - Forks: 80
madret/kql-generator
KQL generator, for generating quick Hunting queries. Microsoft 365 Defender focussed.
Size: 47.9 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 1 - Forks: 0
diogo-fernan/mde-kql-hunting
A collection of MDE KQL hunting queries useful for incident response and threat hunting.
Size: 10.7 KB - Last synced: about 1 month ago - Pushed: almost 2 years ago - Stars: 5 - Forks: 1
AnthonyByansi/Azure-Log-Analysis-Kit
A comprehensive collection of Kusto Query Language (KQL) scripts and tools for simplified log analysis and troubleshooting in Azure and DevOps environments.
Size: 10.7 KB - Last synced: 5 months ago - Pushed: 9 months ago - Stars: 2 - Forks: 0
AnthonyByansi/kql-explorers-guide
A comprehensive Kusto Query Language (KQL) learning repository covering basic syntax to advanced topics, with hands-on exercises, code samples, and resources for data analysis in Azure Data Explorer.
Language: Shell - Size: 78.1 KB - Last synced: 4 months ago - Pushed: 9 months ago - Stars: 3 - Forks: 0
f-mahler/vuekit
Kirby 3 + Vue.js kit
Language: PHP - Size: 4.83 MB - Last synced: 6 months ago - Pushed: almost 3 years ago - Stars: 19 - Forks: 1
dangermike27/SOC_Queries
useful KQL Queries
Size: 10.7 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 0 - Forks: 0
diorfunn/KustoQueryGenerator
Use KQG and generate Kusto scripts | Used with Defender ATP
Size: 1.95 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 0 - Forks: 0
davidnx/baby-kusto-csharp
A self-contained execution engine for the Kusto Query Language (KQL) written in C#
Language: C# - Size: 777 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 16 - Forks: 4
MSJosh/MDI-Items
Defender for Identity Technical Items
Size: 50.8 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 2 - Forks: 1
N372unn32/AzureKQLPowerShellExtractor
PowerShell Module that extracts data from Microsoft Azure using ARG KQL queries running in PowerShell. The extracted data can be exported to CSV, Excel, JSON reports, mitigating the maximum rows limitation of ARG Explorer on Azure.
Language: PowerShell - Size: 43 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 2 - Forks: 0
ugurkocde/KQL-Search
Language: JavaScript - Size: 1.01 MB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 21 - Forks: 3
nguyen18/WVD-KustoQueries
KQL queries for monitor log analytics
Size: 35.2 KB - Last synced: 10 months ago - Pushed: over 2 years ago - Stars: 3 - Forks: 1
0xbythesecond/Azure-Monitor
Size: 34.2 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 0
azure-scavengers/Azure-Unused-Resources
This project aims to deliver cost savings to Azure consumers by identifying unused or idle resources using Azure Cost Optimization best practices. Costly resources such as Application Gateway, App Service plan, PowerBI Embedded capacity, SQL database, Cosmos DB, Storage, etc. can be assessed.
Size: 215 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 0
Saggiehaim/Awesome-KQL
Awesome KQL queries for KQL Ninjas
Size: 22.5 KB - Last synced: 10 months ago - Pushed: about 1 year ago - Stars: 3 - Forks: 1
cyph3rryx/CyberThreat-Monitor
CyberThreat Monitor (SIEM Lab) with Microsoft Azure is a comprehensive threat monitoring solution built on Azure Sentinel, providing real-time visibility into global cyber threats.
Language: PowerShell - Size: 1.41 MB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 1 - Forks: 0
ingebeumer/LogAnalyticsToDevOpsForODA
Export and transform Focus Area as well as findings and recommendations from Log Analytics workspace for On-Demand Assessment and import them as Epics and Product backlog items in Azure DevOps.
Size: 88.9 KB - Last synced: 11 months ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
0xbythesecond/Azure-Cloud-Detection-Part-2-Getting-Data-into-Sentinel
Size: 128 KB - Last synced: 11 months ago - Pushed: 11 months ago - Stars: 0 - Forks: 0
EEN421/EEN421.github.io Fork of daattali/beautiful-jekyll
✨ Hanley.cloud
Language: HTML - Size: 51.1 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 0 - Forks: 0
bnomei/kirby3-htmlpurifier
Static class method, Uniform-Guard and Field-Method to filter your "dirty" HTML inputs to "clean" HTML.
Language: PHP - Size: 482 KB - Last synced: about 1 month ago - Pushed: about 1 year ago - Stars: 3 - Forks: 0
0xbythesecond/Sentinel-Lab-Failed-Login
The PowerShell script in this repository is responsible for parsing out Windows Event Log information for failed RDP attacks and using a third-party API to collect geographic information about the attacker's location.
Size: 76.2 KB - Last synced: 12 months ago - Pushed: 12 months ago - Stars: 0 - Forks: 0
hrtywhy/Sentinel-Queries
Cheat Sheet KQL increase your Azure Sentinel visibility & Threat Hunting
Size: 26.4 KB - Last synced: 12 months ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
BonGabriel/azure-cloud-detection
Size: 9.77 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
0xbythesecond/Azure-SOC-Honeynet-Project
Built a mini honeynet in Azure and ingested log sources from various resources into a Log Analytics workspace
Size: 4.01 MB - Last synced: 11 months ago - Pushed: 11 months ago - Stars: 1 - Forks: 0
tomwechsler/Azure_KQL
Everything around the topic of KQL in Azure.
Size: 5.86 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 3 - Forks: 7
Bert-JanP/KQL-MISP
KQL MISP implementation for Sentinel and Defender For Endpoint | In development
Size: 83 KB - Last synced: 12 months ago - Pushed: 12 months ago - Stars: 0 - Forks: 0
hoferandrea/blog
This repo contains content which is related to my blog https://hoferlabs.ch/.
Language: PowerShell - Size: 12.7 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
squaredup/samples
A collection of sample dashboards, custom labels, mustaches, SQL scripts and PowerShell scripts to help you get the most out of SquaredUp. #community-powered
Language: PowerShell - Size: 8.18 MB - Last synced: 2 months ago - Pushed: over 1 year ago - Stars: 18 - Forks: 13
y0nil/kusto.blog
A technical blog about Kusto
Language: HTML - Size: 2.66 MB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 10 - Forks: 2
tobiasmcvey/kusto-queries
example queries for learning the kusto language
Size: 31.3 KB - Last synced: about 1 year ago - Pushed: almost 3 years ago - Stars: 74 - Forks: 29
PaulNiklausPraveen/Kusto-Query-Language-KQL-
Kusto Query Language is a powerful tool to explore your data and discover patterns, identify anomalies and outliers, create statistical models, and more. The query uses schema entities that are organized in a hierarchy similar to SQL's: databases, tables, and columns.
Language: C - Size: 19.5 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
noodlemctwoodle/pf-azure-sentinel 📦
Parse pfSense/OPNSense logs using Logstash, GeoIP tag entities, add additional context to logs, then send to Azure Sentinel for analysis.
Size: 1.23 MB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 25 - Forks: 5
stuymedova/kirby-sveltekit
[SETUP] SvelteKit frontend for Kirby CMS + KQL backend
Language: JavaScript - Size: 479 KB - Last synced: over 1 year ago - Pushed: over 1 year ago - Stars: 9 - Forks: 1
stuymedova/kirby-headless
[SETUP] Kirby as a Headless CMS (Kirby + KQL)
Language: PHP - Size: 1.05 MB - Last synced: over 1 year ago - Pushed: over 2 years ago - Stars: 4 - Forks: 0
alexandre-lecoq/KeywordQueryLanguageCompiler
Compiles KQL expression to SQL Server fulltext queries.
Language: C# - Size: 622 KB - Last synced: over 1 year ago - Pushed: over 4 years ago - Stars: 2 - Forks: 0
0xbythesecond/azure-cloud-detection
Size: 1.94 MB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
B0neShAd0w/Code-Snippets
Code Snippets
Language: PowerShell - Size: 93.8 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
FabianBorz01/KQL-queries
My KQL queries :) Feel free to use and improve them.
Size: 8.79 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
mgijo/MDE
Defender for Endpoint Advanced Hunting Queries
Size: 2.93 KB - Last synced: 12 months ago - Pushed: about 3 years ago - Stars: 2 - Forks: 0
shehanperera85/KQL-Engine
Repo includes KQL queries that you can run in your Azure Log Analytics environment.
Size: 12.7 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 3 - Forks: 0
pthoor/KustoDetectiveAgencyHints
Hints for the Kusto Detective Agency
Size: 18.6 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 12 - Forks: 2
andrewmatveychuk/azure.monitor
Sample templates for Azure Monitor tools
Language: JSON - Size: 15.6 KB - Last synced: over 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 1
KenBab/sentinel
Private repository for Sentinel related documentation, gists, scripts and code snippets which might be useful for implementation, tuning and troubleshooting
Language: D - Size: 69.3 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 2 - Forks: 0
mtonosaki/SyslogAzureMonitorBridge
Windows service that listens for syslog messages and sends them to Azure Monitor
Language: C# - Size: 132 KB - Last synced: over 1 year ago - Pushed: almost 2 years ago - Stars: 2 - Forks: 1
chrisbues/kqlmagic
Collection of Azure Log Analytics/Sentinel queries
Size: 18.6 KB - Last synced: about 1 year ago - Pushed: about 2 years ago - Stars: 1 - Forks: 0
mgijo/mgijo
Config files for my GitHub profile.
Size: 10.7 KB - Last synced: 12 months ago - Pushed: about 2 years ago - Stars: 0 - Forks: 0
McL0vinn/MicrosoftDefender-DiscordCNC
Threat-hunting KQL query which identifies machines that use powershell, cmd or wmic to connect to any URL that includes "cdn.discordapp.com", where the action was initiated by a script execution (.vbs, .bat, etc.)
Size: 5.86 KB - Last synced: 10 days ago - Pushed: almost 3 years ago - Stars: 1 - Forks: 0
teachjing/TeachJing
My Github Profile
Size: 450 KB - Last synced: 10 months ago - Pushed: about 1 year ago - Stars: 1 - Forks: 1
T13nn3s/microsoft
Microsoft related PowerShell scripts and KQL queries
Language: PowerShell - Size: 25.4 KB - Last synced: over 1 year ago - Pushed: over 2 years ago - Stars: 2 - Forks: 0
McL0vinn/MicrosoftDefender-Kaseya_IOCs
Simple KQL query that can be run either in MD for Endpoint (threat hunting or custom indicator) or in Azure Sentinel (threat hunting or analytics rule). It looks for 4 known IOCs related to the Kaseya attack.
Size: 3.91 KB - Last synced: 10 days ago - Pushed: almost 3 years ago - Stars: 1 - Forks: 0
JanneMattila/323-WindowsService
Sample files shared at the architect day(s) 19th-20th of November
Language: PowerShell - Size: 5.86 KB - Last synced: about 1 month ago - Pushed: over 4 years ago - Stars: 0 - Forks: 0