Splunk App to assist Sysmon Threat Hunting
☆38 · Mar 7, 2017 · Updated 8 years ago
Alternatives and similar repositories for app_splunk_sysmon_hunter
Users that are interested in app_splunk_sysmon_hunter are comparing it to the libraries listed below
- ☆13 · Feb 6, 2018 · Updated 8 years ago
- Powershell Functions to interact with TheHive-Project ☆11 · Jun 27, 2019 · Updated 6 years ago
- Sysmon Splunk App ☆47 · Aug 21, 2018 · Updated 7 years ago
- Deploy and maintain Sysmon through the Splunk Deployment Server ☆32 · Jul 30, 2020 · Updated 5 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. ☆937 · Dec 12, 2023 · Updated 2 years ago
- Mass Triage Tools ☆20 · Dec 16, 2025 · Updated 2 months ago
- Takes the original idea of NetCease and adds functionality ☆24 · Feb 6, 2022 · Updated 4 years ago
- Powershell scripts using CyCLI. ☆10 · May 22, 2019 · Updated 6 years ago
- Maps process creation logged by Sysmon using the Google Org Chart API ☆23 · Mar 5, 2016 · Updated 10 years ago
- An installation script to help with the setup of a Kali VM for The Hacker Playbook: Practical Guide To Penetration Testing by Peter Kim ☆17 · Jul 21, 2015 · Updated 10 years ago
- A series of Bro Scripts created for detection purposes. ☆19 · Nov 18, 2016 · Updated 9 years ago
- Examples for the CyCLI Powershell module ☆12 · Mar 8, 2019 · Updated 6 years ago
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration ☆36 · Sep 28, 2015 · Updated 10 years ago
- InvestigationPlaybookSpec ☆71 · Sep 26, 2017 · Updated 8 years ago
- Pragmatic Network Security for Cloud and Hybrid Networks ☆10 · Nov 24, 2015 · Updated 10 years ago
- Proof of concept implementation of a cyber threat intelligence and incident handling platform ☆11 · Feb 10, 2023 · Updated 3 years ago
- Training materials I've written. ☆11 · Nov 11, 2025 · Updated 3 months ago
- ☆10 · Nov 21, 2023 · Updated 2 years ago
- Run PowerShell command without invoking powershell.exe ☆12 · Sep 2, 2017 · Updated 8 years ago
- A set of Splunk workflow action definitions to export field values to CyberChef for further analysis. ☆13 · Jan 22, 2018 · Updated 8 years ago
- Splunk app for visualization of DMARC RUA mails ☆15 · Sep 26, 2025 · Updated 5 months ago
- Technical add-on to ingest JSON-formatted Volatility memory analysis plugin outputs ☆13 · May 21, 2018 · Updated 7 years ago
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research ☆12 · Jun 10, 2017 · Updated 8 years ago
- Fake SMB and SAMR data ☆11 · Oct 27, 2019 · Updated 6 years ago
- Some Hashcat Rules for 2020 and beyond. Contributions encouraged! ☆26 · May 26, 2022 · Updated 3 years ago
- Crack your macros like the math pros. ☆33 · Feb 14, 2017 · Updated 9 years ago
- OG Atomic Red Team ☆29 · Jun 12, 2018 · Updated 7 years ago
- Office365 Log Analysis Framework ☆81 · Jun 6, 2019 · Updated 6 years ago
- Sysmon Tools for PowerShell ☆233 · Aug 17, 2018 · Updated 7 years ago
- Simple Windows Event Log Forwarder (SWELF). It's an easy-to-use, simply-works Log Forwarder and EVTX Parser. Almost in full release here at ht… ☆24 · Jun 20, 2023 · Updated 2 years ago
- Splunk TA for alert action to TheHive-project ☆11 · May 13, 2020 · Updated 5 years ago
- Qakbot Registry Key Configuration Decryptor ☆14 · Dec 20, 2021 · Updated 4 years ago
- Sharing my BITS ☆13 · Feb 23, 2018 · Updated 8 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox. ☆12 · Jul 13, 2017 · Updated 8 years ago
- Examples of simple code patterns causing BOF ☆14 · Apr 10, 2020 · Updated 5 years ago
- Can execute commands under certain conditions ☆11 · Feb 21, 2020 · Updated 6 years ago
- Converts Sigma detection rules to a Splunk alert configuration. ☆12 · Jul 1, 2021 · Updated 4 years ago
- NTFSx is a tool for extracting files from an NTFS filesystem that are otherwise inaccessible. ☆14 · Jul 26, 2013 · Updated 12 years ago
- A Docker container for Moloch based on minimal Debian ☆26 · Jan 25, 2016 · Updated 10 years ago