KQL Search

Search engine for KQL Queries

Reg Sam Dumping

Author: Ali Hussein | Released: 7/25/2024

Client IP Malfunction

Author: Jose Sebastián Canós | Released: 7/23/2024

Crowdstrike Suspicious Domains

Author: Michalis Michalos | Released: 7/20/2024

Security Event Unusual Kerberos Authentication Ticket TGT

Author: Jose Sebastián Canós | Released: 7/17/2024

Visualization Email Post Delivery Events

Author: Bert-Jan Pals | Released: 7/16/2024

Managed Identity Assignments To Resource

Author: Thomas Naunheim | Released: 7/16/2024

Alerts Related To Deception In Microsoft Defender Xdr

Author: Michalis Michalos | Released: 7/13/2024

Crypto Mining Detection

Author: Ali Hussein | Released: 7/10/2024

Xclip Executions

Author: Ali Hussein | Released: 7/9/2024

Shadow File Modified

Author: Ali Hussein | Released: 7/7/2024

CVE 2024 6387 Regresshion Identify Affected Internet Facing Endpoints

Author: Michalis Michalos | Released: 7/4/2024

CVE 2024 6387 Regresshion Identify Affected Endpoints

Author: Michalis Michalos | Released: 7/4/2024

Multiple Multiple Device Names From IP Address

Author: Jose Sebastián Canós | Released: 7/3/2024

Security Event Unusual IPC Share Access

Author: Jose Sebastián Canós | Released: 7/2/2024

Security Event Unusual Network Share Access

Author: Jose Sebastián Canós | Released: 7/2/2024

Activity Increase By Date

Author: Rod Trent | Released: 7/1/2024

TI Feed Ja3blacklist

Author: Bert-Jan Pals | Released: 6/29/2024

Mail Items Accessed

Author: Bert-Jan Pals | Released: 6/27/2024

Device Registry Events Unexpected Network Provider

Author: Jose Sebastián Canós | Released: 6/27/2024

Exposure Management Lateral Movement Paths

Author: Bert-Jan Pals | Released: 6/27/2024

Exposure Management Device Activities

Author: Bert-Jan Pals | Released: 6/26/2024

Exposure Management Cloud Permissions User

Author: Bert-Jan Pals | Released: 6/25/2024

MDE WSL

Author: Alex Verboon | Released: 6/25/2024

Device Network Events SSL Connection With Suspicious JA3 Fingerprint

Author: Jose Sebastián Canós | Released: 6/25/2024

Malicious Ja3fingerprint

Author: Ali Hussein | Released: 6/25/2024

AD Failed Logons

Author: Alex Verboon | Released: 6/24/2024

DFC Cloud Audit Events

Author: Alex Verboon | Released: 6/24/2024

MDO QR Code

Author: Alex Verboon | Released: 6/24/2024

MDE Windows 11 Missing Security Updates

Author: Alex Verboon | Released: 6/24/2024

MDE WDAC

Author: Alex Verboon | Released: 6/24/2024

Sentinel E5security Benefit

Author: Alex Verboon | Released: 6/24/2024

MDE Device Isolationstate

Author: Alex Verboon | Released: 6/24/2024

MDE Entra Synthetic Device

Author: Alex Verboon | Released: 6/24/2024

Suspicious Execution Using Wsl

Author: Michalis Michalos | Released: 6/24/2024

Suspicious Creation Of Files In Etc For Persistance In Wsl

Author: Michalis Michalos | Released: 6/24/2024

Suspicious Reconnaissance Activity Through Wsl

Author: Michalis Michalos | Released: 6/24/2024

Cloud Resource Deletion

Author: Bert-Jan Pals | Released: 6/21/2024

Most Permissive Entities

Author: Bert-Jan Pals | Released: 6/20/2024

RBAC Changes

Author: Bert-Jan Pals | Released: 6/19/2024

MDE Audit

Author: Alex Verboon | Released: 6/17/2024

Automation Account Runbook Status

Author: Alex Verboon | Released: 6/17/2024

Identify Endpoints Running Wsl Without Mde Plug In

Author: Michalis Michalos | Released: 6/16/2024

Identify Endpoints Running Wsl

Author: Michalis Michalos | Released: 6/15/2024

Email Countby Country

Author: Rod Trent | Released: 6/10/2024

Security Event Malformed Security Descriptor

Author: Jose Sebastián Canós | Released: 6/10/2024

Ransomware Leaksite Montitoring

Author: Bert-Jan Pals | Released: 6/10/2024

Users Affected By MFA Enforcement

Author: Sergio Albea | Released: 6/7/2024

Successful Foreign Login Attempts Analysis

Author: Muzammil Mahmood | Released: 6/7/2024

RDP Connections From Devices To Remote IP Classified By Country

Author: Sergio Albea | Released: 6/7/2024

TI Open Phish Free Feed Hits In Email Url Info

Author: Benjamin Zulliger | Released: 6/7/2024
