AustralianCyberSecurityCentre / windows_event_logging

Related projects ⓘ

Alternatives and complementary repositories for windows_event_logging

• MalwareArchaeology / ARTHIR
  ATT&CK Remote Threat Hunting Incident Response
  ☆198Updated 5 years ago
• jepayneMSFT / WEFFLES
  Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
  ☆201Updated 6 years ago
• miriamxyra / EventList
  EventList
  ☆370Updated 3 years ago
• Infocyte / PSHunt
  Powershell Threat Hunting Module
  ☆279Updated 8 years ago
• LogRhythm-Tools / LogRhythm.Tools
  LogRhythm PowerShell Toolkit
  ☆49Updated 3 weeks ago
• joshzelonis / attack-eval-scoring
  This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise…
  ☆95Updated 4 years ago
• OTRF / Blacksmith
  Building environments to replicate small networks and deploy applications
  ☆317Updated last year
• HASecuritySolutions / Presentations
  ☆131Updated 8 months ago
• MHaggis / hunt-detect-prevent
  Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
  ☆162Updated 5 years ago
• nsacyber / AppLocker-Guidance
  Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber
  ☆209Updated 4 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆115Updated 4 years ago
• inodee / threathunting-spl
  Splunk code (SPL) for serious threat hunters and detection engineers.
  ☆266Updated 10 months ago
• activecm / BeaKer
  Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
  ☆286Updated last month
• MalwareArchaeology / ATTACK
  MITRE ATT&CK Windows Logging Cheat Sheets
  ☆332Updated 6 years ago
• IBM / wincollect
  ☆58Updated last year
• JoeyRentenaar / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆159Updated last year
• d3sre / Use_Case_Applicability
  Security Monitoring Resolution Categories
  ☆138Updated 2 years ago
• rootsecdev / Microsoft-Blue-Forest
  Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers
  ☆263Updated last month
• olafhartong / ATTACKdatamap
  A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
  ☆350Updated 4 years ago
• swannman / ircapabilities
  Incident Response Hierarchy of Needs
  ☆438Updated last year
• nsacyber / Event-Forwarding-Guidance
  Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…
  ☆852Updated 4 years ago
• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆119Updated 3 years ago
• intrepidtechie / KITT-O365-Tool
  KITT - An Open Source PowerShell O365 Business Email Compromise Investigation Tool
  ☆117Updated 4 years ago
• bromiley / olaf
  Office365 Log Analysis Framework
  ☆81Updated 5 years ago
• CrowdStrike / psfalcon
  PowerShell for CrowdStrike's OAuth2 APIs
  ☆368Updated this week
• P4T12ICK / Sigma2SplunkAlert
  Converts Sigma detection rules to a Splunk alert configuration.
  ☆107Updated 4 years ago
• renisac / O365-Management-and-Log-Scripts
  Security-Focused O365 Management and Log Scripts
  ☆60Updated 2 years ago
• DefensiveOrigins / AtomicPurpleTeam
  Atomic Purple Team Framework and Lifecycle
  ☆283Updated 3 years ago
• miladaslaner / AdvHuntingCheatSheet
  Microsoft Threat Protection Advance Hunting Cheat Sheet
  ☆78Updated 4 years ago