
SecurityResearcher Note

Cover various security approaches to attack techniques and also provides new discoveries about security breaches.

From LearningKijo · Updated June 11, 2026

The project is written primarily in PowerShell and was first published in 2023. Key topics include: attack-defense, incident-response, malware-analysis, threat-hunting, vulnerability.


Welcome to @SecurityResearcher-Note

In this repository, I will cover various security approaches to attack techniques and share new discoveries about security breaches. Through the new discoveries and learnings shared in this repository, I hope to provide helpful insights for those involved in security operations, hunting, incident response, and more.

  1. Security Research-Note
  2. Product Research-Note

Security Research-Note

| Day | Title | Comment |
| --- | --- | --- |
| Day1 | Day1-Basic-Malware-Analysis.md | |
| Day2 | Day2-APT29-Part1-Overview.md<br>Day2-APT29-Part2-Midnight-Blizzard.md<br>Day2-APT29-Part3-Midnight-Blizzard.md<br>Day2-APT29-Part4-Midnight-Blizzard-MDE-EvaluationLab.md | Russia-based activity group |
| Day3 | Day3-Microsoft-ThreatActorNamingTaxonomy.md | |
| Day4 | Day4-Mango-Sandstorm-Part1-Overview.md<br>Day4-Mango-Sandstorm-Part2-AttackTechniques-Insights.md<br>Day4-Mango-Sandstorm-Part3-AttackTechniques-Insights.md | Iran-based activity group |
| Day5 | Day5-AntivirusConfig-Tips.md | EPP |
| Day6 | Day6-M365D-XDR-AutomaticAttackDisruption.md | AiTM, BEC,<br>Human-operated ransomware |
| Day7 | Day7-AiTM-Insights-XDR.md | AiTM, BEC |
| Day8 | Day8-WebShell-Insights-XDR.md | Web shell |
| Day9 | Day9-XDR-Insights-part1.md | XDR |
| Day10 | Day10-XDR-Insights-part2.md | XDR |
| Day11 | Day11-MalwareAnalysis-Insights-part1.md<br>Day11-MalwareAnalysis-Insights-part2.md | Malware Analysis<br>EDR, XDR |
| Day12 | Day12-Volt-Typhoon-Base64.md<br>Day12-Volt-Typhoon-Base64.pdf (PDF) | China-based activity group<br>Base64, Credential dumping |
| Day13 | Day13-WDigest-credential-harvesting-attack.md | WDigest, Mimikatz |
| Day14 | Day14-macOS-SIP-Bypass-Insights.md | SIP Bypass<br>macOS vulnerability |
| Day15 | Day15-XDR-Insights-2024update.md | XDR |
| Day16 | Day16-CloudId-Exfiltration-AttackReport-Part1.md<br>Day16-CloudId-Exfiltration-AttackReport-Part2.md | Identity abuse<br>Exfiltration |
| Day17 | Day17-Hunting-APIcalls-insight.md | API, MDE |
| Day18 | Day18-LotL-detection-part1.md | LotL |
| Day19 | Day19-ThreatActor-Discovery.md | Discovery |

Product Research-Note

| Day | Title | Comment |
| --- | --- | --- |
| Day1 | Day01-MDE-MDI-BetterTogether-Part1.md | Reconnaissance, SAMR |
| Day2 | Day02-MDE-MDI-BetterTogether-Part2.md | Reconnaissance, SMB, LDAP |
| Day3 | Day03-MDO-FileDetonation-DeepAnalysis.md | FileDetonation, DeepAnalysis |
| Day4 | Day04-MDI-DeploymentConsiderations.pdf | ITDR, MDI |

Microsoft Copilot for Security, Kijo Catchup LOG

| LOG | Title |
| --- | --- |
| LOG-01 | Microsoft Copilot for Security / Update history |

Other

Microsoft Security Blog

Event Speaker

Microsoft 365 Defender Virtual Ninja Training


Disclaimer

The views and opinions expressed herein are those of the author and do not necessarily reflect the views of the company.


This article is auto-generated from LearningKijo/SecurityResearcher-Note via the GitHub API. Last fetched: 6/24/2026