MHaggis / sysmon-splunk-app
Sysmon Splunk App
☆47 · Aug 21, 2018 · Updated 7 years ago
Alternatives and similar repositories for sysmon-splunk-app
Users that are interested in sysmon-splunk-app are comparing it to the libraries listed below
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers. ☆168 · Dec 10, 2018 · Updated 7 years ago
- ☆13 · Feb 6, 2018 · Updated 8 years ago
- Splunk App to assist Sysmon Threat Hunting ☆38 · Mar 7, 2017 · Updated 8 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK. ☆23 · Aug 21, 2019 · Updated 6 years ago
- RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high… ☆63 · Feb 2, 2026 · Updated last week
- ☆55 · Mar 2, 2022 · Updated 3 years ago
- Python OpenIOC Editor ☆18 · Dec 28, 2015 · Updated 10 years ago
- Deploy and maintain Sysmon through the Splunk Deployment Server ☆32 · Jul 30, 2020 · Updated 5 years ago
- Monitor syslog collection infrastructure & offer syslog configuration templates. ☆26 · Feb 9, 2018 · Updated 8 years ago
- How can you track the hunting techniques you come up with? ☆13 · Sep 3, 2017 · Updated 8 years ago
- HoneyDB Python Module ☆14 · Feb 6, 2024 · Updated 2 years ago
- Postfix Add-on for Splunk (Compliant with the Mail CIM model) ☆11 · Mar 18, 2021 · Updated 4 years ago
- DFIR notebooks GCIH Gold project, paper ☆12 · Apr 30, 2015 · Updated 10 years ago
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research ☆12 · Jun 10, 2017 · Updated 8 years ago
- ☆10 · Sep 20, 2015 · Updated 10 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs ☆13 · May 21, 2018 · Updated 7 years ago
- Crack your macros like the math pros. ☆33 · Feb 14, 2017 · Updated 8 years ago
- OG Atomic Red Team ☆29 · Jun 12, 2018 · Updated 7 years ago
- ☆28 · Nov 25, 2025 · Updated 2 months ago
- Sysmon Tools for PowerShell ☆232 · Aug 17, 2018 · Updated 7 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox. ☆12 · Jul 13, 2017 · Updated 8 years ago
- ☆13 · Dec 12, 2021 · Updated 4 years ago
- LNK to JSON ☆14 · Mar 7, 2019 · Updated 6 years ago
- ☆16 · Jun 10, 2020 · Updated 5 years ago
- Parser for Windows Scheduled Task files. ☆13 · Apr 26, 2023 · Updated 2 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework. ☆38 · Jan 11, 2022 · Updated 4 years ago
- pollen - A command-line tool for interacting with TheHive ☆36 · Jun 6, 2019 · Updated 6 years ago
- Tools to automate and/or expedite response. ☆116 · Jul 5, 2024 · Updated last year
- ☆18 · Jun 8, 2018 · Updated 7 years ago
- Our collection of Wazuh detection rules for our Offense Lab ☆18 · Feb 13, 2022 · Updated 4 years ago
- CyberArk Terminal Utility, PowerShell tool that uses REST API to allow terminal access to CyberArk PVWA ☆16 · Oct 16, 2017 · Updated 8 years ago
- PowerShell module for creating and managing Sysinternals Sysmon config files. ☆214 · Mar 29, 2021 · Updated 4 years ago
- InvestigationPlaybookSpec ☆71 · Sep 26, 2017 · Updated 8 years ago
- Splunk scripted input for opening a backconnect shell on a remote forwarder ☆45 · Nov 18, 2020 · Updated 5 years ago
- Tools for parsing Forensic images ☆41 · Dec 14, 2018 · Updated 7 years ago
- Find permanent WMI event consumers on endpoints that could be used by APT actors. ☆17 · Jun 15, 2016 · Updated 9 years ago
- Splunk app for Threat hunting ☆15 · Nov 15, 2018 · Updated 7 years ago
- Microfocus ArcSight FlexConnector for Microsoft Sysmon tool ☆19 · Jan 14, 2021 · Updated 5 years ago
- Utilities for Sysmon ☆1,569 · Sep 21, 2025 · Updated 4 months ago