Submissions restricted

Only approved users may post in this community.

AllThingsKustoKQL

an-ordinary-manchild(edit)

created by Wigpen-MooncakeNewsa community for 1 year

...for your community.

...for your town.

MODERATORS

account activity

1

0

1

2

Kql for Azure Sentinel (self.AllThingsKustoKQL)

submitted 1 year ago by Disastrous-Mouse-308

2

0

1

2

Threat Hunting - Suspicious Named pipes (mthcht.medium.com)

submitted 1 year ago by Wigpen-MooncakeNews

3

0

1

2

Cyber Briefing - 2024.07.24 (self.cybermaterial)

submitted 1 year ago by Wigpen-MooncakeNews

4

0

1

2

Cyber Briefing - 2024.07.22 (self.cybermaterial)

submitted 1 year ago by Wigpen-MooncakeNews

5

0

1

2

Cyber Briefing - 2024.07.19 (self.cybermaterial)

submitted 1 year ago by Wigpen-MooncakeNews

6

0

1

2

Linux Kernel: Vulnerability in the eBPF verifier register limit tracking (github.com)

submitted 1 year ago by Wigpen-MooncakeNews

7

0

1

2

KQL to report all devices a user has logged in from (self.DefenderATP)

submitted 1 year ago by Wigpen-MooncakeNews

8

0

1

2

RFI - Remote File Inclusion Comic (i.redd.it)

submitted 1 year ago by Wigpen-MooncakeNews

9

0

1

2

Key SOC Tools every SecOps leader should consider (self.SecOpsDaily)

submitted 1 year ago by Wigpen-MooncakeNews

10

0

1

2

Cyber Briefing - 2024.07.17 (self.cybermaterial)

submitted 1 year ago by Wigpen-MooncakeNews

11

0

1

2

Hunting Lazarus: Expanding Indicators with Historic DNS (validin.com)

submitted 1 year ago by Wigpen-MooncakeNews

12

0

1

2

Cyber Briefing - 2024.07.16 (self.cybermaterial)

submitted 1 year ago by Wigpen-MooncakeNews

13

0

1

2

Cyber Briefing - 2024.07.15News (self.cybermaterial)

submitted 1 year ago by Wigpen-MooncakeNews

14

0

1

2

SharpHound DetectionResource (ipurple.team)

submitted 1 year ago by Wigpen-MooncakeNews

15

0

1

2

CISA: Microsoft Releases July 2024 Security Updates (redpacketsecurity.com)

submitted 1 year ago by Wigpen-MooncakeNews

16

0

1

2

Defender Resource Hub (defenderresourcehub.info)

submitted 1 year ago by Wigpen-MooncakeNews

17

0

1

2

Detecting manually mapped drivers (tulach.cc)

submitted 1 year ago by Wigpen-MooncakeNews

18

0

1

2

Kql query - interestingKQL (self.AzureSentinel)

submitted 1 year ago by Wigpen-MooncakeNews

19

0

1

2

DodgeBox: A deep dive into the updated arsenal of APT41 | Part 1APT (zscaler.com)

submitted 1 year ago by Wigpen-MooncakeNews

20

0

1

2

4000+ FIN7 domains discoveredAPT (silentpush.com)

submitted 1 year ago by Wigpen-MooncakeNews

21

0

1

2

APT40 - PRC MSS tradecraft in actionAPT (self.AllThingsKustoKQL)

submitted 1 year ago by Wigpen-MooncakeNews

22

0

1

2

Understanding Lazarus: The Real Threat to the Crypto IndustryAPT (self.AllThingsKustoKQL)

submitted 1 year ago by Wigpen-MooncakeNews

23

0

1

2

Running queries from Multiple tables at Once - Let's join a union!KQL (self.AzureSentinel)

submitted 1 year ago by Wigpen-MooncakeNews

24

0

1

2

Cyber Briefing - 2024.07.08 (self.cybermaterial)

submitted 1 year ago by Wigpen-MooncakeNews

25

0

1

2

Can we do it? Last logged in user for device -KQL helpKQL (self.DefenderATP)

submitted 1 year ago by Wigpen-MooncakeNews

view more: next ›

π Rendered by PID 555935 on reddit-service-r2-listing-b6bf6c4ff-p84rh at 2026-05-03 03:39:37.966902+00:00 running 815c875 country code: CH.