cyb3rmik3

Michalis Michalos's repositories

KQL-threat-hunting-queries

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

MIT439 7 1

MDE-DFIR-Resources

A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more.

MIT305 10 2

Hunting-Lists

A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.

MIT27 30

cyb3rmik3

GitHub landing page repo

9 20

DFIR-Notes

Cheat sheet on memory forensics using various tools such as volatility.

8 20

MaltegoCE

Notes and comments regarding Maltego CE (community edition) and relevant available transformations for free.

5 20

Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

400

TheBarn

A description of DFIR lab setup through experience/notes/courses

2 20

bsidesath2021

References used to prepare and deliver presentation "Cyber resilience: Awareness is not enough" at Security BSides Athens 2021.

1 20

Open-Source-Threat-Intel-Feeds

This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

Language:PythonBSD-3-Clause100

PGPKey

Interested in sending something confidential? You may drop me a line at michalis -at- michalos.net using this PGP key or encrypt any file and forward it.

1 20

presentations

A repository for notes and references of presentations.

MIT100