Results for "kql"

Claude Code Claude Desktop GitHub Copilot Cursor Windsurf Cline Zed JetBrains

📄SKILL.md 🤖CLAUDE.md ⚡Claude Commands 📐.cursorrules 📐Cursor Rules 🕹️AGENTS.md 🧬codex.md 🏄.windsurfrules 🔧.clinerules 🧑‍✈️Copilot Instructions

All Development Operations Data Product Marketing Customer Design Sales

196 skills found · Page 1 of 7

Bert-JanP / Hunting Queries Detection Rules

1.7k

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

universal

azureblueteamcybersecurity+12

Updated 12h ago

reprise99 / Sentinel Queries

1.6k

Collection of KQL queries

universal

Updated 12h ago

rod-trent / MustLearnKQL

1.2k

Code included as part of the MustLearnKQL blog series

universal

Updated 2d ago

edoardogerosa / Sentinel Attack

1.1k

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

universal

azureazure-sentinelblue-team+12

Updated 1d ago

FalconForceTeam / FalconFriday

893

Hunting queries and detections

universal

blueteamdefender-atpdefender-for-endpoint+4

Updated 6d ago

SlimKQL / Hunting Queries Detection Rules

862

KQL Queries. Microsoft Defender, Microsoft Sentinel

universal

azuredefenderdefenderxdr+6

Updated 3h ago

Cyb3r-Monk / Threat Hunting And Detection

808

Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).

universal

cybersecuritydefender-for-endpointdetection-engineering+6

Updated 2d ago

cyb3rmik3 / KQL Threat Hunting Queries

766

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

universal

kqlkustokusto-query+16

Updated 12h ago

LearningKijo / KQL

487

Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.

universal

edrincident-responsekql+3

Updated 14d ago

rod-trent / SentinelKQL

471

Azure Sentinel KQL

universal

Updated 24d ago

alexverboon / MDATP

455

MDATP

universal

blogsdefender-for-cloud-appsdefender-for-endpoint+6

Updated 24d ago

cyb3rmik3 / MDE DFIR Resources

454

A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.

universal

curated-collectionscurated-listdfir+12

Updated 17d ago