Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules. (by Bert-JanP)
KQL
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint. (by LearningKijo)
| | Hunting-Queries-Detection-Rules | KQL |
|---|---|---|
| Mentions | 7 | 5 |
| Stars | 997 | 394 |
| Growth | - | - |
| Activity | 9.3 | 9.6 |
| Last commit | 5 days ago | 28 days ago |
| Language | Python | - |
| License | BSD 3-clause "New" or "Revised" License | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Hunting-Queries-Detection-Rules
Posts with mentions or reviews of Hunting-Queries-Detection-Rules.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-12-11.
- Advanced Hunting queries every admin should use
- Hunting Query into a Detection rule
- MS Sentinel Analytics & KQL
- Analytical rules
- MDE Repointing Frequency
- Least occurrence in MDE
  This will be the query that you are looking for. I do have a lot more queries if you are interested: https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules
- Must have analytic rules
KQL
Posts with mentions or reviews of KQL.
We have used some of these posts to build our list of alternatives
and similar projects.
What are some alternatives?
When comparing Hunting-Queries-Detection-Rules and KQL you can also consider the following projects:
Microsoft-365-Defender-Hunting-Queries - Sample queries for Advanced hunting in Microsoft 365 Defender
chatgpt-raycast - ChatGPT raycast extension
kusto-queries - example queries for learning the kusto language
Sentinel-Queries - Collection of KQL queries
AzureHunter - A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
Linux Security - Ways to attack and protect Linux
modelfirst - Draw Data Model Schema and generate code
Awesome-GPT-Agents - A curated list of GPT agents for cybersecurity