├── README.md
├── T0000_Remotely_Query_Login_Sessions_Network.txt
├── T1003_Credential_Dumping_PS.txt
├── T1123_Audio_Capture
├── T1170_MSHTA_FileAccess.txt
├── T1201_Password_Policy
└── T1214_Credentials_Registry_Search

/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akapv/Sysmon_to_AdvancedHunting_KQL/HEAD/README.md
--------------------------------------------------------------------------------

/T0000_Remotely_Query_Login_Sessions_Network.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akapv/Sysmon_to_AdvancedHunting_KQL/HEAD/T0000_Remotely_Query_Login_Sessions_Network.txt
--------------------------------------------------------------------------------

/T1003_Credential_Dumping_PS.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akapv/Sysmon_to_AdvancedHunting_KQL/HEAD/T1003_Credential_Dumping_PS.txt
--------------------------------------------------------------------------------

/T1123_Audio_Capture:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akapv/Sysmon_to_AdvancedHunting_KQL/HEAD/T1123_Audio_Capture
--------------------------------------------------------------------------------

/T1170_MSHTA_FileAccess.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akapv/Sysmon_to_AdvancedHunting_KQL/HEAD/T1170_MSHTA_FileAccess.txt
--------------------------------------------------------------------------------

/T1201_Password_Policy:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akapv/Sysmon_to_AdvancedHunting_KQL/HEAD/T1201_Password_Policy
--------------------------------------------------------------------------------

/T1214_Credentials_Registry_Search:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/akapv/Sysmon_to_AdvancedHunting_KQL/HEAD/T1214_Credentials_Registry_Search
--------------------------------------------------------------------------------