Search
Collection
Category
Tag
Blog
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

AISecKit

Curated AI security tools & LLM safety resources for cybersecurity professionals

Product

Search
Collection
Category
Tag

Resources

Blog
Pricing
Submit

Tools

🔥Marathons Tools

Company

About Us
Privacy Policy
Terms of Service
Sitemap

Copyright © 2025 All Rights Reserved.

Home
Category
SlimKQL Hunting-Queries-Detection-Rules

SlimKQL Hunting-Queries-Detection-Rules

A repository of KQL queries for Microsoft Defender and Sentinel to enhance detection capabilities.

Introduction

Information

Publisher
AISecKit
Websitegithub.com
Published date2025/04/28

Categories

Incident Response Tools
DevSecOps Tools
Security Research

Tags

Security Auditing
Open Source
Incident Response
Threat Intelligence

More Products

I Wanna Get All

OA漏洞利用工具 for exploiting vulnerabilities in various OA systems.

Exploit Development Security Firms Security Auditing Incident Response Vulnerability Scanning+1

darkPulse

darkPulse is a Go-based shellcode packer for generating various shellcode loaders, bypassing common antivirus software.

Exploit Development Security Auditing Open Source Incident Response Red Team Operations

vagent

多功能 java agent 内存马 for injecting various payloads into Java applications.

Open Source Penetration Testing

SlimKQL Hunting-Queries-Detection-Rules

This repository provides a collection of KQL (Kusto Query Language) queries designed for use with Microsoft Defender, Microsoft Sentinel, and other Microsoft security solutions. The primary goal is to enhance detection coverage through the logs of Microsoft Security products. Not all suspicious activities generate alerts by default, but many can be detected through these queries.

Key Features:

Detection Rules: Predefined queries to identify suspicious activities.
Hunting Queries: Custom queries for proactive threat hunting.
Visualizations: Tools to visualize data for better insights.

Benefits:

Open Access: Anyone can use the queries freely.
Community Contribution: Users are encouraged to contribute and share their findings.
Legal Compliance: Proper attribution is required when sharing or using the content.

Highlights:

Maintained by Steven Lim and contributors.
Regular updates and commits to ensure relevance and effectiveness.