Awesome
<!-- Improved compatibility of back to top link: See: https://github.com/othneildrew/Best-README-Template/pull/73 --><a name="readme-top"></a>
<!-- *** Thanks for checking out the Best-README-Template. If you have a suggestion *** that would make this better, please fork the repo and create a pull request *** or simply open an issue with the tag "enhancement". *** Don't forget to give the project a star! *** Thanks again! Now go create something AMAZING! :D --> <!-- PROJECT SHIELDS --> <!-- *** I'm using markdown "reference style" links for readability. *** Reference links are enclosed in brackets [ ] instead of parentheses ( ). *** See the bottom of this document for the declaration of the reference variables *** for contributors-url, forks-url, etc. This is an optional, concise syntax you may use. *** https://www.markdownguide.org/basic-syntax/#reference-style-links -->
About The Project
This repository comprises Microsoft Defender Hunting queries. These queries have been developed using telemetry data provided by Defender ATP.This queries were used as Detection rules in production enviroment, They are a result of my own work and inspiration drawn from the contributions of the exceptional community members acknowledged below. Please don't hesitate to propose any additional queries for inclusion in this repository.
Roadmap
- [ ✅ ] Add detections based on ASR rules
- Add detections based on windows API's logged
See the open issues for a full list of proposed features (and known issues).
<!-- CONTRIBUTING -->Contributing
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement".
<!-- LICENSE -->License
Distributed under the MIT License. See LICENSE.txt for more information.