Skip to content
This repository has been archived by the owner on Nov 16, 2023. It is now read-only.

Pull requests: microsoft/Microsoft-365-Defender-Hunting-Queries

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Assignee
Filter by who’s assigned
Sort

Pull requests list

Created IdentifyingRareProcesses.csl
#125 opened Apr 24, 2020 by mjmelone Loading…
Create Network Spray Detector.csl
#128 opened Apr 30, 2020 by mjmelone Loading…
Create Logon Statistics by Device.csl
#138 opened May 7, 2020 by mjmelone Loading…
Create Device Logon Statistics by Account.csl
#139 opened May 7, 2020 by mjmelone Loading…
Create Dns Resolution Statistics.csl
#141 opened May 13, 2020 by mjmelone Loading…
PowerShell Empire related pages
#203 opened Aug 18, 2020 by martyav Loading…
added vpn-exploits.md
#205 opened Aug 18, 2020 by martyav Loading…
added font-parsing-vulnerabilities.md
#206 opened Aug 20, 2020 by martyav Loading…
added 2019-rdp-vulnerabilities
#208 opened Aug 20, 2020 by martyav Loading…
added pages related to dudear activity
#209 opened Aug 21, 2020 by martyav Loading…
Create Changes to Antimalware Exclusions.md
#255 opened Dec 11, 2020 by mjmelone Loading…
Updating to use the new UsbDriveMounted events
#350 opened May 18, 2021 by mjmelone Loading…
File Creation Statistical Analysis
#352 opened May 25, 2021 by A-dd-Y Loading…
Update Suspicious Spoolsv Child Process.md
#373 opened Jul 2, 2021 by endisphotic Loading…
Create SolarWinds -CVE-2021-35211
#381 opened Jul 14, 2021 by Shivammalaviya Loading…
Create Pulse Secure.md
#388 opened Jul 22, 2021 by Shivammalaviya Loading…
Create Ousaban Banking Trojan.md
#393 opened Jul 28, 2021 by Shivammalaviya Loading…
ProxyShell.md
#396 opened Aug 9, 2021 by Shivammalaviya Loading…
Create EarthBaku-APT-41-files-domains.txt
#414 opened Aug 26, 2021 by Phoenix9032 Loading…
Update Qakbot discovery activies.md
#417 opened Sep 13, 2021 by cbresponse Loading…
Updated to use the new UsbDriveMounted event
#419 opened Sep 17, 2021 by mjmelone Loading…
Update Airlift 2021 - Lets Invoke.csl
#423 opened Oct 6, 2021 by KustoKing Loading…
Update insider-threat-detection-queries.md
#428 opened Nov 3, 2021 by sei-nitc Loading…
Update qakbot-campaign-process-injection.md
#429 opened Nov 9, 2021 by ionsor Loading…
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.