Kql Threat Hunting Queries

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

Categories > Companies > Microsoft

Suggest Alternative

Stars

287

License

mit

Open Issues

Most Recent Commit

3 months ago

Categories

Security > Security

Companies > Microsoft

Security > Threat Hunting

Repo

Alternatives To Kql Threat Hunting Queries

Project Name	Stars	Most Recent Commit	Open Issues	License	Language
Mdatp	429	4 months ago	2	mit	PowerShell
Microsoft Defender XDR - Resource Hub
Kql Threat Hunting Queries	287	3 months ago		mit
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
Yara Rules	261	2 years ago	1	mit	Python
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Microsoft Sentinel Secops	211	6 months ago		mit	PowerShell
Microsoft Sentinel SOC Operations
Advancedhuntingqueries	73	5 months ago		unlicense
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
Judge Jury And Executable	68	a year ago		agpl-3.0	C
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

Alternatives To Kql Threat Hunting Queries

Select To Compare

Mdatp ⭐ 429

Microsoft Defender XDR - Resource Hub

most recent commit 4 months ago

Kql Threat Hunting Queries ⭐ 287

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

most recent commit 3 months ago

Yara Rules ⭐ 261

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

most recent commit 2 years ago

Microsoft Sentinel Secops ⭐ 211

Microsoft Sentinel SOC Operations

most recent commit 6 months ago

Advancedhuntingqueries ⭐ 73

Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant

most recent commit 5 months ago

Judge Jury And Executable ⭐ 68

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

most recent commit a year ago

Suggest An Alternative To KQL-threat-hunting-queries

Alternative Project Comparisons

Kql Threat Hunting Queries vs Mdatp

Kql Threat Hunting Queries vs Yara Rules

Kql Threat Hunting Queries vs Microsoft Sentinel Secops

Kql Threat Hunting Queries vs Advancedhuntingqueries

Kql Threat Hunting Queries vs Judge Jury And Executable

Popular Microsoft Projects

Vscode ⭐ 158,028

Visual Studio Code

dependent packages 162total releases 758latest release December 03, 2023most recent commit 14 days ago

Microsoft Activation Scripts ⭐ 57,335

A Windows and Office activator using HWID / Ohook / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.

most recent commit 4 months ago

Calculator ⭐ 28,388

Windows Calculator: A simple yet powerful calculator that ships with Windows

most recent commit 3 months ago

Linkedin Skill Assessments Quizzes ⭐ 27,792

Full reference of LinkedIn answers 2023 for skill assessments (aws-lambda, rest-api, javascript, react, git, html, jquery, mongodb, java, Go, python, machine-learning, power-point) linkedin excel test lösungen, linkedin machine learning test LinkedIn test questions and answers

dependent packages 2total releases 6latest release May 24, 2021most recent commit 3 months ago

npm linkedin-quiz-skill-assessments} Downloads

Awesome ⭐ 23,918

:computer: 🎉 An awesome & curated list of best applications and tools for Windows.

most recent commit 7 months ago

Popular Threat Hunting Projects

Misp ⭐ 4,835

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

most recent commit 3 months ago

Sysmon Config ⭐ 4,512

Sysmon configuration file template with default high-quality event tracing

most recent commit 3 months ago

Dnstwist ⭐ 4,285

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

dependent packages 2total releases 21latest release September 18, 2023most recent commit 4 months ago

Threathunter Playbook ⭐ 3,826

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

most recent commit 3 months ago

Suricata ⭐ 3,738

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

dependent packages 1total releases 4latest release January 31, 2023most recent commit 3 months ago

Popular Companies Categories