Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery) (PowerShell, updated Jun 12, 2024)
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
K9-Defender is highly simple, with a sophisticated watchdog system and powerful process scanning for both Windows 10 and 11
IOC Generator for Microsoft Defender for Endpoints
ASR Configurator, Essentials and Atomic Testing
Hunting queries and detections
Microsoft Intune Custom Compliance
Microsoft Endpoint reference resources
Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
Experimental infrastructure and concepts for Azure Defender for Cloud
Microsoft Defender XDR - Resource Hub
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
Microsoft Defender for Endpoint PowerShell module
Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
Logic App with Azure Durable Functions
This repository will describe the details surrounding the SIEM (Wazuh) mini project, which will cover all aspects of topology design, deployment, rules, integration, and fine-tuning.
A PowerShell module to interact with Microsoft's Defender for Endpoint API.
Repo includes KQL queries that you can run in your Azure Log Analytics environment.
Config files for my GitHub profile.
Python for Security is the home of all open source Python projects that can integrate with Microsoft Technologies.