Discover and read the best of Twitter Threads about #365daysofkql

Most recents (2)

Are you using any of the Microsoft Security products and/or #Sentinel? Then this thread is for you! The best resources for #KQL Advanced Hunting Queries or Analytics rules in my opinion.
#MDE #ThreatHunting #Detection #DFIR
github.com/reprise99/Sent… by @reprise_99. Awesome source! With the #365daysofkql series a lot of useful queries have been added. The queries are categorized by the different Microsoft products.
github.com/Azure/Azure-Se… by @msftsecurity. A lot of KQL queries can be found here, all of which are categorised on the basis of @MITREattack tactics.
Read 8 tweets
Holiday time and it's been a while since I did one of these. Here goes: a 2021 reading thread with some of my favourite blogs / tools / posts ✨thread✨
Cobalt Strike featured large in 2021 and if you're in the defensive arena, it's a good idea to familiarize yourself.

My colleague @ZephrFish had a great post on CS profiles

◾️blog.zsec.uk/cobalt-strike-…
.@M_haggis also had a fantastic post at the start of the year going over the structure and options contained within CS profiles

◾️haggis-m.medium.com/malleable-c2-p…
Read 25 tweets
