Skip to content

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

License

Notifications You must be signed in to change notification settings

KernelCaleb/Cyb3r-Monk-Threat-Hunting-and-Detection

 
 

Repository files navigation

Threat Hunting and Detection

Repository for threat hunting and detection queries, tools, etc.

Learn Kusto Query Language (KQL)

If you want to elevate your threat hunting, detection engineering, and incident response skills using KQL, check out my KQL courses!

KQL Courses

Warning!

Whatever you use from the repository, double check its correctness, test it in your environment. Please, DO NOT just copy and paste.

Presenting it as your own is illegal and forbidden. Apart from that, you can use the content anyway you like with a reference to @Cyb3rMonk (Twitter) or Cyb3r-Monk (Github). It is much appreciated.

Want to Support?

If you like my work, have benefited from it, and want to show appreciation, pay it forward

About

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Jupyter Notebook 100.0%