KQL Search

CVE 2024 10443 Hunting RISKSTATION

Author: Steven LimReleased: 11/6/2024

Hunting VEIL Drive C2

Author: Steven LimReleased: 11/6/2024

MDCA MDO Mail Items Accessed By Compromised Account

Author: Bert-Jan PalsReleased: 11/5/2024

EDR Sandblast

Author: Ali HusseinReleased: 11/4/2024

Community Repositories

Author: Bert-Jan PalsReleased: 11/3/2024

Suspicious Rdp Files In Outlook Temporary Folders

Author: Michalis MichalosReleased: 11/3/2024

Detect Word Press Plugins From HTTP Requests

Author: Sergio AlbeaReleased: 10/31/2024

Large Number Of V Ms Started

Author: Bert-Jan PalsReleased: 10/31/2024

Visualization Copilot Models Used

Author: Bert-Jan PalsReleased: 10/29/2024

Monitoring Potential Sign In Attempts From Airport Networks

Author: Sergio AlbeaReleased: 10/24/2024

Identify Browser Extensions With Can Turnoff Malware Protections Permissions In Endpoints With No Tamper Protection

Author: Michalis MichalosReleased: 10/20/2024

Honeypot Threat Intelligence TI Data

Author: Steven LimReleased: 10/19/2024

MDO Enhancing Email Security With NRD Filtering

Author: Steven LimReleased: 10/17/2024

Detecting Port Scanning On Internet Facing Devices

Author: Steven LimReleased: 10/16/2024

Detect Sensitive And Confidential Files Sent By Email

Author: Sergio AlbeaReleased: 10/16/2024

Defender XDR Alert Evidence Summarized

Author: Jose Sebastián CanósReleased: 10/16/2024

Defender XDR M365 Copilot Extensions Threat Monitoring

Author: Steven LimReleased: 10/16/2024

Malfunction Hunting Query Not Working In Graph API

Author: Jose Sebastián CanósReleased: 10/15/2024

Entra User Account Compromised By C2

Author: Steven LimReleased: 10/15/2024

The Hunt For Blob Phishing Mail Domain

Author: Steven LimReleased: 10/15/2024

Prioritize Secure Configuration

Author: Bert-Jan PalsReleased: 10/14/2024

Author: Steven LimReleased: 10/14/2024

Chrome Extension Stealth Persistence Detection

Author: Steven LimReleased: 10/13/2024

M365 Copilot Extensions Threat Monitoring

Author: Steven LimReleased: 10/13/2024

Detecting New Copilot Extensions

Author: Steven LimReleased: 10/12/2024

Technique Profile E Discovery Misuse Detection

Author: Steven LimReleased: 10/11/2024

Detect CVE 2024 43572 Abuse

Author: Steven LimReleased: 10/10/2024

MDE Device Rename

Author: Alex VerboonReleased: 10/9/2024

MDE Defender Exclusions Enumerations

Author: Alex VerboonReleased: 10/9/2024

Av Scan Results

Author: Bert-Jan PalsReleased: 10/9/2024

Identity Directory Events SID History Changed

Author: Jose Sebastián CanósReleased: 10/9/2024

Identity Directory Events ADFS DKM Property Read

Author: Jose Sebastián CanósReleased: 10/9/2024

Parsing Unified AZKV Audit Logs

Author: Jose Sebastián CanósReleased: 10/8/2024

Custom Detection Report

Author: Bert-Jan PalsReleased: 10/8/2024

Detecting Mamba 2FA Phishing As A Service

Author: Steven LimReleased: 10/8/2024

Detect Pn P Devices Connected To My Endpoint Machines

Author: Sergio AlbeaReleased: 10/7/2024

Identify Network Shares With Write Permissions Set To Everyone In Highly Exposed Devices

Author: Michalis MichalosReleased: 10/6/2024

Top 10 Most Sprayed UP Ns By I Ps And Countries Using Behaviour Analytics

Author: Steven LimReleased: 10/6/2024

Self Signed Certificates