bert-janp Goto Github PK
Name: Bert-Jan
Type: User
Bio: Cyber Security Specialist | Blue Team | KQL | Sentinel | MDE
Twitter: BertJanCyber
Blog: https://kqlquery.com/
ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework.
This is a collection of threat detection rules / rules engines that I have come across.
A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
A dataset with CloudTrail events from an attack simulation using Stratus.
Repository with Sentinel Analytics Rules and Hunting Queries
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Domain Response is a tool designed to help you automate the investigation of a domain. It is specifically designed to automate phishing domain investigations, but it can be used for any domain to gather all the domain information needed. This can help to classify whether a domain is malicious.
Hunting queries and detections
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
PowerShell Digital Forensics & Incident Response Scripts.
Repository with supporting materials for Invictus Academy/Training
KQL queries for Incident Response
Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as KAPE and THOR Cloud, and more.
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
Operational information about the recently announced vulnerability in OpenSSL 3
Security Scripts and Sources for daily usage.
Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.
Collection of KQL queries
This repository contains the research and components of our research into using Sigma for AWS Incident Response.