Steven Lim
@stevenlim.bsky.social
#Cybersecurity #Sentinel #DefenderXDR #KQL #Azure #M365 #KQLWizard
https://detections.ai/user/KQLWizard
https://detections.ai/user/KQLWizard
January 3, 2025 at 12:11 PM
Custom detection code:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...
January 1, 2025 at 9:38 AM
Custom detection code:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...
Custom detection code:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...
January 1, 2025 at 9:35 AM
Custom detection code:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...
Thanks! :) The threat actor social engineering attacks are targeting normal business users, uers with role are technical in nature and tend not to follow these type of instruction, hence I exclude this group of privilege roles users.
December 17, 2024 at 7:28 AM
Thanks! :) The threat actor social engineering attacks are targeting normal business users, uers with role are technical in nature and tend not to follow these type of instruction, hence I exclude this group of privilege roles users.
December 2, 2024 at 6:01 AM
December 1, 2024 at 12:38 PM
Hunting Rockstar 2FA:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...
Hunting-Queries-Detection-Rules/Sentinel/Hunting Rockstar 2FA.kql at main · SlimKQL/Hunting-Queries-Detection-Rules
KQL Queries. Microsoft Defender, Microsoft Sentinel - SlimKQL/Hunting-Queries-Detection-Rules
github.com
November 29, 2024 at 5:30 PM
Hunting Rockstar 2FA:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...
KQL Code:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...
Hunting-Queries-Detection-Rules/DefenderXDR/Social Engineering Attack Monitor - Teams & Emails.kql at main · SlimKQL/Hunting-Queries-Detection-Rules
KQL Queries. Microsoft Defender, Microsoft Sentinel - SlimKQL/Hunting-Queries-Detection-Rules
github.com
November 29, 2024 at 8:47 AM
KQL Code:
github.com/SlimKQL/Hunt...
github.com/SlimKQL/Hunt...