LogRhythm-Labs / Microsoft-SysMon-config
Sysmon configuration file template with default high-quality event tracing
☆20Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for Microsoft-SysMon-config
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated last year
- A Splunk app with saved reports derived from Sigma rules☆72Updated 6 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- Microsoft Threat Protection Advance Hunting Cheat Sheet☆78Updated 4 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆88Updated 2 years ago
- Office365 Log Analysis Framework☆81Updated 5 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆36Updated 2 years ago
- Powering Up Incident Response with Power-Response☆62Updated 4 years ago
- Purple Team Security☆74Updated 2 years ago
- ☆49Updated 4 years ago
- Splunk app for Threat hunting☆15Updated 6 years ago
- Expert Investigation Guides☆50Updated 3 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- ☆77Updated 5 years ago
- ☆40Updated last year
- Windows Defender ATP - Advanced Hunting Queries☆21Updated 6 years ago
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆38Updated 3 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated last year
- Collection of resources related to the Center for Threat-Informed Defense☆77Updated 6 months ago
- Powershell - web traffic whitenoise generator☆46Updated 4 years ago
- Find accounts using common and default passwords in Active Directory.☆65Updated 5 years ago
- The PoLRBear Project☆35Updated 3 years ago
- ☆18Updated 3 years ago
- Security-Focused O365 Management and Log Scripts☆60Updated 2 years ago
- Elastic Beat for fetching and shipping Office 365 audit events☆66Updated 4 years ago