Updated Sigma2KQL script written by @CodeByHarri
Updated Jun 5, 2024 - Python
C# KQL query engine with flexible I/O layers and visualization
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Defender XDR Advanced Hunting Queries (MDE, MDAV, Device Discovery)
Repository with Sentinel Analytics Rules and Hunting Queries
KQL Queries. Microsoft 365 Defender, Microsoft Sentinel
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
Hunting Queries for Defender ATP
Technical content and slides from conference sessions presented by Abhi Jayanty
This repository contains a selection of Kusto Query Language (KQL) queries designed for proactive threat hunting. Aligned with the MITRE ATT&CK framework, these queries are crafted to detect and address potential threats effectively.
CyberSec Projects