A Ruleset to enhance detection capabilities of Ossec using Sysmon
☆96Apr 13, 2022Updated 3 years ago
Alternatives and similar repositories for ossec-sysmon
Users that are interested in ossec-sysmon are comparing it to the libraries listed below
Sorting:
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆72Jul 21, 2021Updated 4 years ago
- Useful scripts for those administering Wazuh☆93Jan 6, 2026Updated last month
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆38Jun 8, 2020Updated 5 years ago
- ☆22Mar 1, 2022Updated 4 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Jul 21, 2020Updated 5 years ago
- Wazuh integration TheHive☆41Feb 21, 2023Updated 3 years ago
- Wazuh prometheus exporter☆35Jul 4, 2025Updated 8 months ago
- ☆20Oct 17, 2021Updated 4 years ago
- Wazuh - Chef cookbooks☆24Jul 26, 2023Updated 2 years ago
- Collection of generic YARA rules☆16Aug 17, 2025Updated 6 months ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- Personal scripts☆15Sep 11, 2024Updated last year
- Tools for Wazuh by Juan C. Tello☆15Jan 13, 2022Updated 4 years ago
- Zabbix Templates and scripts to monitor OSSEC or Wazuh Manager Intrusion Detection☆14Sep 18, 2025Updated 5 months ago
- Our collection of Wazuh detection rules for our Offense Lab☆18Feb 13, 2022Updated 4 years ago
- A repository of sysmon configuration modules☆2,987Aug 21, 2024Updated last year
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!☆1,239Feb 23, 2026Updated last week
- PowerShell module containing a set of generally useful tools.☆17Jan 10, 2026Updated last month
- Wazuh - Puppet module☆53Feb 20, 2026Updated last week
- An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal☆205Apr 18, 2022Updated 3 years ago
- ☆18Oct 20, 2021Updated 4 years ago
- Wazuh - RESTful API☆80Sep 17, 2024Updated last year
- Word resources for phishing. Includes "Click Enable Content" bait and decoy document deployment.☆22May 16, 2018Updated 7 years ago
- An experimental Velociraptor implementation using cloud infrastructure☆26Dec 2, 2025Updated 3 months ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Mar 23, 2020Updated 5 years ago
- netbeacon - monitoring your network capture, NIDS or network analysis process☆19Oct 26, 2013Updated 12 years ago
- Convert Sigma rules to Wazuh rules☆74Sep 13, 2025Updated 5 months ago
- ☆23Jul 7, 2023Updated 2 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- Get a number of your tweets from the Twitter API.☆13May 1, 2022Updated 3 years ago
- ☆11Sep 26, 2019Updated 6 years ago
- Osquery Packs we use for customer security hardening☆12Jun 30, 2025Updated 8 months ago
- ☆27Dec 5, 2025Updated 3 months ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- ☆13Feb 25, 2021Updated 5 years ago
- Loads a program into a memfd and runs it.☆11May 22, 2022Updated 3 years ago
- PowerShell module for interfacing with Proxmox API☆13Apr 18, 2025Updated 10 months ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆158Nov 30, 2021Updated 4 years ago
- ☆88Mar 7, 2025Updated 11 months ago