Bert-Jan's repositories
Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Open-Source-Threat-Intel-Feeds
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
Incident-Response-Powershell
PowerShell Digital Forensics & Incident Response Scripts.
Domain-Response
Domain Response is a tool that is designed to help you automate the investigation of a domain. This tool is specifically designed to automate phishing domain investigations. However, it can be used for any domain to gather all the domain information needed. This can help to classify whether a domain is malicious.
SecScripts
Security Scripts and Sources for daily usage.
Sentinel-Automation
Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.
AzSentinelQueries
Repository with Sentinel Analytics Rules and Hunting Queries
Sentinel-Queries
Collection of KQL queries
awesome-kql-sentinel
A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
Azure-Sentinel
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
awesome-detection-rules
This is a collection of threat detection rules / rules engines that I have come across.
aws_dataset
A dataset with CloudTrail events from an attack simulation using Stratus.
Invictus-training
Repository with supporting materials for Invictus Academy/Training
kql_queries
KQL queries for Incident Response
MDE-DFIR-Resources
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as KAPE and THOR Cloud, and more.
OpenSSL-2022
Operational information about the recently announced vulnerability in OpenSSL 3
FalconFriday
Hunting queries and detections
mddrguidance
Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report