Skip to content

Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or even inspiration).

License

Notifications You must be signed in to change notification settings

SecurityAura/DE-TH-Aura

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

DE-TH-Aura

As of 2024/08/05, since I'm on paternity leave, this repo will be organized in a way that I see fit which means ... it may be all over the place. However, as I add more detection, queries, etc. I'll try to organize it in a way that makes it easier to navigate and find stuff.

Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or even inspiration). These sources can be:

  • Tweets
  • Blog posts
  • Research articles
  • Random thoughts
  • Stuff I come across in my day-to-day work

Most of the queries in this repository will be in KQL (Microsoft Sentinel, Microsoft Defender XDR). At some point, I would like to add some pseudo-code using Sigma but for now, it'll be KQL only

The template used to create the various pages in this repo comes from Bert-JanP Hunting-Queries-Detection-Rules repo! Make sure to give it a star and follow it!

https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules/blob/main/DetectionTemplate.md

About

Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or even inspiration).

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published