SwiftOnSecurity/SwiftFilter external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SwiftOnSecurity/SwiftFilter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SwiftOnSecurity/SwiftFilter)

Close

SwiftOnSecurity / SwiftFilterView on GitHubMore

• External links
• Readme badge

Exchange Transport rules to detect and enable response to phishing

☆418May 9, 2020Updated 5 years ago

Alternatives and similar repositories for SwiftFilter

Users that are interested in SwiftFilter are comparing it to the libraries listed below

• SwiftOnSecurity / OrgKit

  View on GitHub
  Provision a brand-new company with proper defaults in Windows, Offic365, and Azure
  ☆616Aug 17, 2024Updated last year
• SwiftOnSecurity / PhishingRegex

  View on GitHub
  Backup of my phishing regular expression testing bench
  ☆151Mar 20, 2017Updated 8 years ago
• SwiftOnSecurity / OfficeDeployFramework

  View on GitHub
  A batch script to demonstrate complex Microsoft Office deployments
  ☆92May 10, 2018Updated 7 years ago
• palantir / windows-event-forwarding

  View on GitHub
  A repository for using windows event forwarding for incident detection and response
  ☆1,296Sep 8, 2025Updated 5 months ago
• SwiftOnSecurity / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆5,401Jul 3, 2024Updated last year
• MHaggis / sysmon-dfir

  View on GitHub
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆937Dec 12, 2023Updated 2 years ago
• LogRhythm-Labs / PIE

  View on GitHub
  The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365
  ☆180Apr 13, 2020Updated 5 years ago
• ion-storm / sysmon-config

  View on GitHub
  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …
  ☆821Nov 5, 2023Updated 2 years ago
• jepayneMSFT / WEFFLES

  View on GitHub
  Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
  ☆201Dec 11, 2017Updated 8 years ago
• nsacyber / Event-Forwarding-Guidance

  View on GitHub
  Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…
  ☆883Nov 17, 2020Updated 5 years ago
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,372Feb 10, 2026Updated 2 weeks ago
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,574Sep 21, 2025Updated 5 months ago
• Invoke-IR / PowerForensics

  View on GitHub
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,428Nov 16, 2023Updated 2 years ago
• OfficeDev / O365-InvestigationTooling

  View on GitHub
  ☆583Oct 9, 2020Updated 5 years ago
• JohnLaTwC / PyPowerShellXray

  View on GitHub
  Python script to decode common encoded PowerShell scripts
  ☆217Jun 13, 2018Updated 7 years ago
• philhagen / sof-elk

  View on GitHub
  Configuration files for the SOF-ELK VM
  ☆1,719Jan 21, 2026Updated last month
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,980Aug 21, 2024Updated last year
• l0ss / Grouper

  View on GitHub
  A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
  ☆736Feb 5, 2019Updated 7 years ago
• nsacyber / Windows-Secure-Host-Baseline

  View on GitHub
  Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
  ☆1,596Dec 24, 2022Updated 3 years ago
• DearBytes / Opensource-Endpoint-Monitoring

  View on GitHub
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆35Jul 8, 2019Updated 6 years ago
• mattifestation / CimSweep

  View on GitHub
  CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…
  ☆658Aug 19, 2019Updated 6 years ago
• MHaggis / hunt-detect-prevent

  View on GitHub
  Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
  ☆168Dec 10, 2018Updated 7 years ago
• palantir / osquery-configuration

  View on GitHub
  A repository for using osquery for incident detection and response
  ☆881Sep 8, 2025Updated 5 months ago
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,640Nov 22, 2022Updated 3 years ago
• bwya77 / O365-Admin-Center

  View on GitHub
  The O365 Admin Center is a GUI application that administrators can use to administer every aspect of Office 365 including Exchange Online…
  ☆302May 2, 2019Updated 6 years ago
• ceramicskate0 / SWELF

  View on GitHub
  Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…
  ☆24Jun 20, 2023Updated 2 years ago
• LMGsec / Magic-Unicorn-Tool

  View on GitHub
  ☆262Jul 6, 2018Updated 7 years ago
• outflanknl / Invoke-ADLabDeployer

  View on GitHub
  Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.
  ☆492Feb 16, 2019Updated 7 years ago
• microsoft / Microsoft-365-Defender-Hunting-Queries

  View on GitHub
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,051Feb 17, 2022Updated 4 years ago
• JoeyRentenaar / Office-365-Extractor

  View on GitHub
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆160Mar 27, 2023Updated 2 years ago
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,486Jan 12, 2026Updated last month
• ukncsc / lme

  View on GitHub
  Logging Made Easy
  ☆710Nov 1, 2023Updated 2 years ago
• gpoguy / GetVulnerableGPO

  View on GitHub
  PowerShell script to find 'vulnerable' security-related GPOs that should be hardended
  ☆198Jun 1, 2018Updated 7 years ago
• endgameinc / noteclass

  View on GitHub
  ☆13Aug 11, 2018Updated 7 years ago
• PaulSec / awesome-windows-domain-hardening

  View on GitHub
  A curated list of awesome Security Hardening techniques for Windows.
  ☆1,790Jan 7, 2020Updated 6 years ago
• sans-blue-team / DeepBlueCLI

  View on GitHub
  ☆2,388Oct 14, 2023Updated 2 years ago
• atc-project / atomic-threat-coverage

  View on GitHub
  Actionable analytics designed to combat threats
  ☆1,005May 25, 2022Updated 3 years ago
• 0x0v1 / Audix

  View on GitHub
  Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring
  ☆117Oct 14, 2025Updated 4 months ago
• TKCERT / sysmon-config

  View on GitHub
  Please see other maintained fork:
  ☆17Dec 4, 2025Updated 2 months ago