MHaggis/app_splunk_sysmon_hunter external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

MHaggis/app_splunk_sysmon_hunter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/MHaggis/app_splunk_sysmon_hunter)

Close

MHaggis / app_splunk_sysmon_hunterView on GitHubMore

• External links
• Readme badge

Splunk App to assist Sysmon Threat Hunting

☆38Mar 7, 2017Updated 9 years ago

Alternatives and similar repositories for app_splunk_sysmon_hunter

Users that are interested in app_splunk_sysmon_hunter are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• MHaggis / sysmon-splunk-app

  View on GitHub
  Sysmon Splunk App
  ☆47Aug 21, 2018Updated 7 years ago
• olafhartong / TA-Sysmon-deploy

  View on GitHub
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆32Jul 30, 2020Updated 5 years ago
• MHaggis / sysmon-dfir

  View on GitHub
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆941Dec 12, 2023Updated 2 years ago
• chaoticmachinery / mass_triage_tools

  View on GitHub
  Mass Triage Tools
  ☆20Mar 10, 2026Updated 2 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• richiercyrus / Bro-Scripts

  View on GitHub
  A series of Bro Scripts created for detection purposes.
  ☆19Nov 18, 2016Updated 9 years ago
• glassdfir / SysmonMapper

  View on GitHub
  Maps process creation logged by Sysmon uses Google Org Chart API
  ☆23Mar 5, 2016Updated 10 years ago
• rkovar / dns_detection

  View on GitHub
  Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration
  ☆36Sep 28, 2015Updated 10 years ago
• Maliek / Cylance-API-PS

  View on GitHub
  Powershell scripts using CyCLI.
  ☆10May 22, 2019Updated 7 years ago
• vi-or-die / TheHive4PS

  View on GitHub
  Powershell Functions to interact with TheHive-Project
  ☆11Jun 27, 2019Updated 6 years ago
• jan-tee / cycli-examples

  View on GitHub
  Examples for the CyCLI Powershell module
  ☆12Mar 8, 2019Updated 7 years ago
• aniqfakhrul / certifried.py

  View on GitHub
  ☆16May 20, 2022Updated 4 years ago
• daveherrald / TA-cyberchef

  View on GitHub
  A set of Splunk workflow action definitions to export field values to CyberChef for further analysis.
  ☆13Jan 22, 2018Updated 8 years ago
• drole / qakbot-registry-decrypt

  View on GitHub
  Qakbot Registry Key Configuration Decryptor
  ☆14Dec 20, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Securosis / PragmaticNetSecCloud

  View on GitHub
  Pragmatic Network Security for Cloud and Hybrid Networks
  ☆10Nov 24, 2015Updated 10 years ago
• mr-r3b00t / OSCP

  View on GitHub
  ☆15Jan 10, 2019Updated 7 years ago
• daveherrald / scansio-sonar-splunk

  View on GitHub
  Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s…
  ☆20May 12, 2026Updated 2 weeks ago
• MHaggis / bookish-happiness

  View on GitHub
  OG Atomic Red Team
  ☆29Jun 12, 2018Updated 7 years ago
• mattifestation / PSSysmonTools

  View on GitHub
  Sysmon Tools for PowerShell
  ☆233Aug 17, 2018Updated 7 years ago
• mgreen27 / Invoke-BitsParser

  View on GitHub
  Sharing my BITS
  ☆13Feb 23, 2018Updated 8 years ago
• tenable / yara-rules

  View on GitHub
  Repository of yara rules
  ☆60Nov 29, 2022Updated 3 years ago
• Foundstone / InvestigationPlaybookSpec

  View on GitHub
  InvestigationPlaybookSpec
  ☆71Sep 26, 2017Updated 8 years ago
• forensicmatt / RustyLnk

  View on GitHub
  LNK to JSON
  ☆14Mar 7, 2019Updated 7 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• aholzel / SA-dmarc

  View on GitHub
  Splunk app for visualization of DMARC RUA mails
  ☆15Sep 26, 2025Updated 8 months ago
• RythmStick / ProxyPunch

  View on GitHub
  Finding SSL Blindspots for Red Teams
  ☆34Jul 28, 2020Updated 5 years ago
• kost / docker-moloch

  View on GitHub
  A Docker container for Moloch based on minimal Debian
  ☆26Jan 25, 2016Updated 10 years ago
• voxpupuli / puppet-misp

  View on GitHub
  This module installs and configures MISP (Malware Information Sharing Platform)
  ☆14Apr 14, 2026Updated last month
• mitre / caldera-agent

  View on GitHub
  ☆20Dec 19, 2017Updated 8 years ago
• outflanknl / PasswordDump2ELK

  View on GitHub
  Clean public password dump files and store in ELK
  ☆36Jan 24, 2018Updated 8 years ago
• nsacyber / Event-Forwarding-Guidance

  View on GitHub
  Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…
  ☆885Nov 17, 2020Updated 5 years ago
• ArnaudLoos / Logstash-WinEventlog

  View on GitHub
  A Logstash grok filter to parse and tokenize the message field of Windows eventlog entries.
  ☆12May 10, 2016Updated 10 years ago
• ion-storm / sysmon-config

  View on GitHub
  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …
  ☆826Nov 5, 2023Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• ceramicskate0 / SWELF

  View on GitHub
  Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…
  ☆24May 13, 2026Updated 2 weeks ago
• Arno0x / ReflectiveDnsExfiltrator

  View on GitHub
  Data exfiltration using reflective DNS resolution covert channel
  ☆53Jan 10, 2018Updated 8 years ago
• neu5ron / WinLogsZero2Hero

  View on GitHub
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆22Jan 30, 2018Updated 8 years ago
• cobbr / InsecurePowerShell

  View on GitHub
  InsecurePowerShell is PowerShell with some security features removed.
  ☆105Dec 19, 2017Updated 8 years ago
• rvrsh3ll / CanaryServer

  View on GitHub
  Fake SMB and SAMR data
  ☆11Oct 27, 2019Updated 6 years ago
• mutedmouse / ta-volatility

  View on GitHub
  Technical add-on to ingest json formatted volatility memory analysis plugin outputs
  ☆13May 21, 2018Updated 8 years ago
• virtualrealitysystems / aumfor

  View on GitHub
  Automated Memory Forensic
  ☆34Jul 18, 2018Updated 7 years ago