Giters
Bert-Jan (Bert-JanP)

Bert-JanP

Geek Repo

389

followers

14

following

28

stars

Home Page:https://kqlquery.com/

Twitter:@BertJanCyber

Github PK Tool:Github PK Tool

Organizations
invictus-ir

Bert-Jan's repositories

Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Language:PythonLicense:BSD-3-ClauseStargazers:1047Issues:52Issues:4

Open-Source-Threat-Intel-Feeds

This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

Language:PythonLicense:BSD-3-ClauseStargazers:476Issues:12Issues:2

Incident-Response-Powershell

PowerShell Digital Forensics & Incident Response Scripts.

Language:PowerShellLicense:BSD-3-ClauseStargazers:422Issues:9Issues:4

Domain-Response

Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to automated phishing domain investigations. However it can be used for every domain to gather all domain information needed. This can help to classify if a domain is malicious.

Language:PythonLicense:BSD-3-ClauseStargazers:36Issues:3Issues:0

SecScripts

Security Scripts and Sources for daily usage.

Language:PythonStargazers:35Issues:3Issues:0

Sentinel-Automation

Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.

License:BSD-3-ClauseStargazers:30Issues:2Issues:0

AzSentinelQueries

Repository with Sentinel Analytics Rules and Hunting Queries

Stargazers:5Issues:0Issues:0

Sentinel-Queries

Collection of KQL queries

Stargazers:5Issues:0Issues:0

awesome-kql-sentinel

A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel

Stargazers:4Issues:1Issues:0

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Language:Jupyter NotebookLicense:MITStargazers:4Issues:1Issues:0

awesome-detection-rules

This is a collection of threat detection rules / rules engines that I have come across.

Stargazers:2Issues:1Issues:0

ALFA

ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework

Language:PythonLicense:MITStargazers:1Issues:1Issues:0

aws_dataset

A dataset with CloudTrail events from an attack simulation using Stratus.

License:MITStargazers:1Issues:0Issues:0

Invictus-training

Repository with supporting materials for Invictus Academy/Training

Stargazers:1Issues:0Issues:0

kql_queries

KQL queries for Incident Response

Stargazers:1Issues:0Issues:0

MDE-DFIR-Resources

A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.

Stargazers:1Issues:1Issues:0

Sigma-AWS

This repository contains the research and components of our research into using Sigma for AWS Incident Response.

Language:PythonLicense:MITStargazers:1Issues:1Issues:0

OpenSSL-2022

Operational information about the recently announced vulnerability in OpenSSL 3

License:MITStargazers:0Issues:1Issues:0

FalconFriday

Hunting queries and detections

License:BSD-3-ClauseStargazers:0Issues:1Issues:0

mddrguidance

Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report

Stargazers:0Issues:1Issues:0

Presentations

Stargazers:0Issues:0Issues:0