Community Tools and Detection Resources
Preeti Krishna edited this page Nov 29, 2021
This page is a collection of tools and threat hunting queries or detections written by the Microsoft Sentinel community. If you've written KQL detections based on Microsoft Sentinel data sources that are missing from the list below, please let us know. The list is in chronological order, with the most recent publication at the top.
Year | Month | Type | Language | Title | Author
---|---|---|---|---|---
2019 | December | Scripts | PowerShell | Collection of scripts to support Microsoft Sentinel operation. Blog: Extract all Microsoft Sentinel incidents; Connect Azure Security Center to Microsoft Sentinel programmatically | Thuan Nguyen
2019 | September | Code Framework | PowerShell | PowerShell module for Microsoft Sentinel. Blog: Microsoft Sentinel: automating your Use Cases with PowerShell and the #AzSentinel module | Wortel Sec
2019 | August | Detection/Hunting Queries | KQL | Repository of Microsoft Sentinel alerts and hunting queries leveraging sysmon and the MITRE ATT&CK framework | BlueTeamLabs