Sysmon config for both Windows and Linux devices. The Windows one is a bit dated. (☆55, Jul 10, 2024, updated last year)

Alternatives and similar repositories for Sysmon

Users who are interested in Sysmon are comparing it to the repositories listed below:
- This repo contains JScript .NET code which can be used as an alternative to csc.exe to run potentially malicious code, which ships in all… (☆13, Nov 8, 2019, updated 6 years ago)
- ☆17, Sep 14, 2017, updated 8 years ago
- ☆349, Mar 19, 2021, updated 4 years ago
- Understanding the ATT&CK Matrix for Enterprise (☆79, May 16, 2018, updated 7 years ago)
- ☆53, Mar 4, 2019, updated 6 years ago
- A threat hunter's playbook to aid the development of techniques and hypotheses for hunting campaigns. (☆14, Jul 18, 2018, updated 7 years ago)
- Windows stagers to circumvent restrictive network environments (☆69, Sep 23, 2024, updated last year)
- All the content from my Troopers 19 talk (☆12, Mar 20, 2019, updated 6 years ago)
- Proof-of-concept exploits for CVE-2017-11882 (☆41, Jan 2, 2018, updated 8 years ago)
- Python tool and library to help analyze files during malware triage and analysis. (☆78, Jul 2, 2020, updated 5 years ago)
- Proof-of-concept VBA code to add to Normal.dot to put restrictions on Word (☆40, Dec 20, 2016, updated 9 years ago)
- Some .ps1 scripts for pentesting (☆140, Jan 6, 2026, updated last month)
- Ps1jacker is a tool for generating COM hijacking payloads. (☆60, Feb 11, 2025, updated last year)
- Crack your macros like the math pros. (☆33, Feb 14, 2017, updated 9 years ago)
- Quick-and-dirty Python script to generate mutual SSL certificates and configuration files to quickly configure OpenVPN (☆19, Apr 20, 2016, updated 9 years ago)
- Discover potential timestamps within the Windows Registry (☆19, Apr 22, 2014, updated 11 years ago)
- Various cheat sheets (☆183, Jun 24, 2021, updated 4 years ago)
- Simple Windows Event Log Forwarder (SWELF). An easy-to-use log forwarder and EVTX parser that simply works. Almost in full release here at ht… (☆24, Jun 20, 2023, updated 2 years ago)
- A collection of scripts to initialize a Windows VM to run all the malware! (☆107, Apr 3, 2020, updated 5 years ago)
- XSS payloads for edge cases (☆34, Nov 13, 2018, updated 7 years ago)
- Security information and event management, master's diploma (☆10, Aug 3, 2015, updated 10 years ago)
- Proof-of-concept code to exploit CVE-2020-12116: unauthenticated arbitrary file read on ManageEngine OpManager. (☆32, May 8, 2020, updated 5 years ago)
- PoC ActiveX SVG document execution (☆21, Nov 8, 2018, updated 7 years ago)
- ☆16, Feb 26, 2018, updated 8 years ago
- SQL scripts for querying event logs (☆21, Jul 12, 2017, updated 8 years ago)
- NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements (☆95, Sep 19, 2017, updated 8 years ago)
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing. (☆103, Nov 17, 2020, updated 5 years ago)
- Helper script for mangling CS payloads (☆51, May 5, 2019, updated 6 years ago)
- ☆229, May 10, 2018, updated 7 years ago
- Remote recon and collection (☆459, Nov 23, 2017, updated 8 years ago)
- APT || Execution || Launch || APTs (authors: harr0ey, bohops) (☆110, Sep 18, 2018, updated 7 years ago)
- Silencing Sysmon via driver unload (☆235, Oct 13, 2022, updated 3 years ago)
- Windows 10 exploit (☆30, Oct 29, 2018, updated 7 years ago)
- Contains PoCs and my research work (☆31, Feb 13, 2023, updated 3 years ago)
- ☆16, Jan 31, 2015, updated 11 years ago
- Swordphish phishing awareness tool (☆225, Sep 22, 2024, updated last year)
- A Splunk app containing Sigma detection rules, which can be updated from a Git repository. (☆111, Feb 6, 2020, updated 6 years ago)
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage (☆115, Mar 26, 2023, updated 2 years ago)
- Abusing SketchUp to establish persistence on Windows (☆21, Mar 26, 2019, updated 6 years ago)