Custom-made query you can run in the Microsoft Defender Advanced Hunting tool to look for network activity related to Egregor ransomware.
Updated
Mar 9, 2021
K9-Defender is a simple tool with a sophisticated watchdog system and powerful process scanning, for both Windows 10 and 11.
IOC Generator for Microsoft Defender for Endpoints
Config files for my GitHub profile.
Defender for Endpoint Advanced Hunting Queries
Experimental infrastructure and concepts for Azure Defender for Cloud
Threat-hunting KQL query that identifies machines using powershell, cmd or wmic to connect to any URL containing "cdn.discordapp.com", where the action was initiated by a script execution (.vbs, .bat, etc.).
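A query of that shape, written here as an added example (not the query from the repository above), against the Defender XDR DeviceNetworkEvents table. The seven-day lookback, the list of LOLBins, the script extensions and the script-host parents are choices of this example, not something the repository prescribes; the column names are the standard DeviceNetworkEvents schema.

```kql
// Added example, not the repository's own query: hunt for LOLBins
// (powershell/pwsh/cmd/wmic) pulling content from Discord's CDN when
// the process was launched from a script.
let lookback = 7d;                                            // assumption: tune to your retention
let lolbins = dynamic(["powershell.exe", "pwsh.exe", "cmd.exe", "wmic.exe"]);
let scriptHosts = dynamic(["wscript.exe", "cscript.exe", "mshta.exe"]);
DeviceNetworkEvents
| where Timestamp > ago(lookback)
| where RemoteUrl contains "cdn.discordapp.com"
| where InitiatingProcessFileName in~ (lolbins)
// "Initiated by a script": either the LOLBin's command line references a
// script file, or its parent is a script host. The extension list is an
// assumption of this example; extend it for your environment.
| where InitiatingProcessCommandLine matches regex @"(?i)\.(vbs|bat|cmd|js|jse|ps1|hta|wsf)\b"
    or InitiatingProcessParentFileName in~ (scriptHosts)
| project Timestamp, DeviceName, InitiatingProcessAccountName,
          InitiatingProcessParentFileName, InitiatingProcessFileName,
          InitiatingProcessCommandLine, RemoteUrl, RemoteIP, ActionType
| order by Timestamp desc
```

Two caveats when running this: RemoteUrl is only populated when Defender could resolve a hostname for the connection, so a connection logged with just RemoteIP will not match and may deserve a separate IP-based check; and developer or gaming workstations can produce legitimate Discord CDN traffic, so review the command line and parent before treating a hit as malicious.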
Logic App with Azure Durable Functions
Microsoft Endpoint reference resources
Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)
Repo includes KQL queries that you can run in your Azure Log Analytics environment.
A PowerShell module to interact with Microsoft's Defender for Endpoint API.
ASR Configurator, Essentials and Atomic Testing
Microsoft Defender for Endpoint PowerShell module
Microsoft Intune Custom Compliance
This repository describes the details of the SIEM (Wazuh) mini project, covering topology design, deployment, rules, integration, and fine-tuning.
Python for Security is the home of all open source Python projects that can integrate with Microsoft Technologies.
Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
Microsoft Defender XDR - Resource Hub