KQL Search
ClickFix Social Engineering Attack Detection
Author:
Steven Lim
Released:
11/20/2024
Detecting BrazenBamboo's FortiClient Exploit: A KQL Approach
Author:
Steven Lim
Released:
11/19/2024
Azure DevOps Third Party Application Access Via OAuth
Author:
Alex Verboon
Released:
11/18/2024
Azure DevOps Log Audit Events
Author:
Alex Verboon
Released:
11/18/2024
Azure DevOps Enable IP Conditional Access Policy Validation
Author:
Alex Verboon
Released:
11/18/2024
Azure DevOps External Guest Access
Author:
Alex Verboon
Released:
11/18/2024
Azure DevOps Allow Public Projects
Author:
Alex Verboon
Released:
11/18/2024
Azure DevOps Additional Protection When Using Public Package Registries
Author:
Alex Verboon
Released:
11/18/2024
Azure DevOps SSH Authentication
Author:
Alex Verboon
Released:
11/18/2024
CVE-2024-0012 PAN-OS Authentication Bypass In The Management Web Interface
Author:
Steven Lim
Released:
11/18/2024
Brands Impersonation Phishing Trend
Author:
Steven Lim
Released:
11/18/2024
Innovative Detection Techniques Against ZIP Concatenation Attacks
Author:
Steven Lim
Released:
11/17/2024
Missing DLP Rule Match Entities In Cloud App Events
Author:
Jose Sebastián Canós
Released:
11/15/2024
Monitor Privileged Role Assignments
Author:
Gianni Castaldi
Released:
11/15/2024
Monitor Break The Glass Groups
Author:
Gianni Castaldi
Released:
11/15/2024
CVE-2024-49039 Windows Task Scheduler Elevation Of Privilege Vulnerability
Author:
Steven Lim
Released:
11/15/2024
Security Event Unusual Authentication Failure Status
Author:
Jose Sebastián Canós
Released:
11/14/2024
Dns Events Possible DNS Recon Query
Author:
Jose Sebastián Canós
Released:
11/14/2024
Big Yellow Taxi Sign In
Author:
Bert-Jan Pals
Released:
11/13/2024
Weird DNS Queries
Author:
Jose Sebastián Canós
Released:
11/13/2024
Monitoring Cross Tenant Abuse By Threat Actors
Author:
Steven Lim
Released:
11/13/2024
CVE-2024-43451 Zero Day NTLM Hash Disclosure Spoofing Vulnerability
Author:
Steven Lim
Released:
11/13/2024
Detecting FIDO2 Passkey Abuse
Author:
Steven Lim
Released:
11/12/2024
Phishing By Design Two Step Attacks Using Vsdx Files
Author:
Steven Lim
Released:
11/12/2024
Dns Events Unusual DNS Query Type Of Internal Domain
Author:
Jose Sebastián Canós
Released:
11/11/2024
Server Domain Firewall Profile Check
Author:
Philip Marsh
Released:
11/10/2024
Enabled Account Password Spray Detection
Author:
@H1dd3n00b
Released:
11/10/2024
Linux Privileged Command Detection
Author:
Vighnesh Sivanesan
Released:
11/10/2024
MDA Custom Warn Indicators Report
Author:
Jay Kerai
Released:
11/10/2024
Chinese APT VS Code Exploitation Detection
Author:
@KevinDrgz
Released:
11/10/2024
Windows Security Log Enumeration Detection
Author:
Andre Zeemering
Released:
11/10/2024
Known Bad Hash Process Detection
Author:
Nick D.
Released:
11/10/2024
MalwareBazaar Certificate Blocklist Detection
Author:
Jay Kerai
Released:
11/10/2024
Shadow Credentials Attack Detection
Author:
User Submission
Released:
11/10/2024
TrustedInstaller Abuse Detection
Author:
Jay Kerai
Released:
11/10/2024
ZAP Email Click Detection
Author:
Viktor Utter
Released:
11/10/2024
Sent Items Deletion Detection
Author:
Muzammil Mahmood
Released:
11/10/2024
Device ATP Tampering Detection
Author:
Jay Kerai
Released:
11/10/2024
APT29 TeamViewer Activity Detection
Author:
Arnold Chan
Released:
11/10/2024
PowerShell Defensive Evasion Detection
Author:
Jay Kerai
Released:
11/10/2024
Purview Audit Search Monitoring
Author:
Purav
Released:
11/10/2024
Defender Script Scanning Disable Detection
Author:
Emre Ay
Released:
11/10/2024
Daily Data Usage And User Analysis
Author:
Muzammil Mahmood
Released:
11/10/2024
FOCI Client ID Detection
Author:
Jay Kerai
Released:
11/10/2024
Default Local Admin Logon Detection
Author:
Loris Ambrozzo
Released:
11/10/2024
AD Provisioning Attribute Modification Report
Author:
Suryendu Bhattacharyya
Released:
11/10/2024
Malicious ISP Detection
Author:
Sergio Albea
Released:
11/10/2024
External Device Logon Detection
Author:
Bonk82
Released:
11/10/2024
Hanada Group Crowdstrike Impersonation Detection
Author:
Jay Kerai
Released:
11/10/2024
New Entra ID Audit Operations Detection
Author:
Abiodun Adegbola
Released:
11/10/2024