LearningKijo/README.md

Thank you for visiting @LearningKijo


I'm @LearningKijo, and my content will delve into three main topics: KQL, insightful out-of-the-box queries, and product & security research notes.

Repository

  1. LearningKijo/KQL
  2. LearningKijo/SecurityResearch-Note
  3. LearningKijo/ProductResearch-Note
  4. LearningKijo/MDEtester
  5. LearningKijo/ResearchDev


Blog

Speaker

Expertise & Language

# Kusto Query Language (KQL) - advanced
# Python - intermediate
# PowerShell - intermediate
# API, RestAPI
# Cyberattack - APT29, AiTM, Ransomware
# Microsoft Security solution <Defenders> against cyberattack
# Incident Response, Automation, Threat Hunting
# Malware analysis
      - Static analysis
      - Dynamic analysis
      
# Experience
let MicrosoftProducts = datatable(id: int, value: string)
[
      1, "Microsoft Defender for Endpoint", 
      2, "Microsoft Defender for Office 365", 
      3, "Microsoft Defender for Cloud Apps", 
      4, "Microsoft Defender for Identity", 
      5, "Microsoft 365 Defender", 
      6, "Microsoft Sentinel"
];
MicrosoftProducts
| project id, value


Disclaimer

The views and opinions expressed herein are those of the author and do not necessarily reflect the views of the company.

Popular repositories

  1. SecurityResearcher-Note (Public)

    Covers various security approaches to attack techniques and also provides new discoveries about security breaches.

    PowerShell 455 73

  2. KQL (Public)

    Threat hunting queries in Microsoft 365 Defender, XDR. Provides out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.

    446 79

  3. MDEtester (Public)

    MDE Tester is designed to help test various features in Microsoft Defender for Endpoint.

    PowerShell 188 24

  4. ResearchDev (Public)

    ResearchDev - XDR & SIEM Detection

    HTML 61 5

  5. LearningKijo (Public)

    Config files for my GitHub profile.

    23

  6. Defender-APIs (Public)

    Defender APIs - provides API scenarios to automate incident response actions in Microsoft 365 Defender and Microsoft Defender for Endpoint.

    Shell 16 3