LearningKijo/README.md

Thank you for visiting @LearningKijo

I'm @LearningKijo, and my content will delve into three main topics: KQL, insightful out-of-the-box queries, and product & security research notes.

Repository

  1. LearningKijo/KQL
  2. LearningKijo/SecurityResearch-Note
  3. LearningKijo/ProductResearch-Note
  4. LearningKijo/MDEtester
  5. LearningKijo/ResearchDev

Speaker & Blogs

Microsoft Security Blog

Microsoft 365 Defender Virtual Ninja Training

Microsoft Security Insights

Expertise & Language

# Kusto Query Language (KQL) - Advanced
# Python - intermediate
# PowerShell - intermediate
# API, RestAPI
# Cyberattack - APT29, AiTM, Ransomware
# Microsoft Security solution <Defenders> against cyberattack
# Incident Response, Automation, Threat Hunting
# Malware analysis
      - Static analysis
      - Dynamic analysis

# Experience
let MicrosoftProducts = datatable(id: int, value: string)
[
      1, "Microsoft Defender for Endpoint",
      2, "Microsoft Defender for Office 365", 
      3, "Microsoft Defender for Cloud Apps", 
      4, "Microsoft Defender for Identity", 
      5, "Microsoft 365 Defender", 
      6, "Microsoft Sentinel"
];
MicrosoftProducts
| project id, value

Disclaimer

The views and opinions expressed herein are those of the author and do not necessarily reflect the views of the company.

Popular repositories

  1. KQL Public

    Threat hunting queries for Microsoft 365 Defender, XDR. Provides out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.

    399 69

  2. SecurityResearcher-Note Public

    Covers various security approaches to attack techniques and also provides new discoveries about security breaches.

    386 65

  3. MDEtester Public

    MDE Tester is designed to help test various features in Microsoft Defender for Endpoint.

    PowerShell 140 13

  4. ResearchDev Public

    ResearchDev - XDR & SIEM Detection

    HTML 54 4

  5. LearningKijo Public

    Config files for my GitHub profile.

    20

  6. Defender-APIs Public

    Defender APIs - provides API scenarios to automate incident response actions in Microsoft 365 Defender and Microsoft Defender for Endpoint.

    Shell 12 3