A repo for sample MDATP Power BI Templates
PowerShell-based Automation of Defender for Endpoint
Microsoft Defender for Endpoint Device Control tools, samples, and resources.
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language).
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Microsoft Defender ATP Manageability and Maintenance scripts
MDE Tester is designed to help test various features in Microsoft Defender for Endpoint.
Sample code for the MicrosoftDefenderATP API
This project contains samples of how to use the MDATP API for integration with other systems and products
A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as KAPE and THOR Cloud and more.
Threat hunting queries in Microsoft 365 Defender, XDR. Provides out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
An open-source Windows Defender manager. Now you can disable Windows Defender permanently.
Stop Windows Defender programmatically
Windows Defender Killer | C++ code permanently disabling Windows Defender using registry keys
Elastic Security detection content for Endpoint
Sample queries for Advanced hunting in Microsoft 365 Defender
Welcome to the Microsoft Defender for Cloud community repository
Utility for configuring Windows 10 built-in Defender antivirus settings.
Bypass Windows Defender
C# obfuscator that bypasses Windows Defender
KQL Queries. Microsoft Defender, Microsoft Sentinel
Suggested Endpoints for Warp