Similar repositories to reprise99/kql-for-dfir:
reprise99/kql-for-dfir
SecureHats/validate-detections
cventour/PoSH
jsa2/kql
DATCResearch/Sentinel-UseCase-BEC365-IR
silverhack/monkey365
unifi-utilities/unifios-utilities
danistefanovic/build-your-own-x
rod-trent/SentinelKQL
eshlomo1/Microsoft-Defender-for-Endpoint-Queries
Sebmolendijk/mcas-labs
anthonws/MDATP_PoSh_Scripts
ep3p/Sentinel_KQL
mjmelone/KQL
rod-trent/AddictedtoKQL
rod-trent/OnPremSecMonitoring4Sentinel
Corissalea/KQL-and-Azure-AD-Workbooks
OTRF/OSSEM-CDM
microsoft/ASDET
microsoft/MicrosoftDefenderForEndpoint-API-PowerShell
wortell/KQL
MiladMSFT/AdvHuntingCheatSheet
AzureAD/IdentityProtectionTools
rod-trent/SentinelPS
rod-trent/MustLearnKQL
rod-trent/SentinelPlaybooks
ashwin-patil/blue-teaming-with-kql
tsale/Sigma_rules
reprise99/Sentinel-Queries
JesseEsquivel/MDATP
hpthreatresearch/iocs
theflakes/sigma_to_wazuh
AustinCloudGuru/ansible-role-splunk-forwarder
AzureAD/MSIdentityTools
joshzelonis/EnterpriseAPT29Eval
sreedharande/Microsoft-Sentinel-As-A-Code
Cloud-Architekt/AzureRBAC
weslambert/securityonion-misp
gmellini/Microsoft-Defender-Security-Center-Hunting-Queries
jsa2/EAST