SwiftOnSecurity/SwiftFilter external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SwiftOnSecurity/SwiftFilter

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SwiftOnSecurity/SwiftFilter)

Close

SwiftOnSecurity / SwiftFilterView on GitHubMore

• External links
• Readme badge

Exchange Transport rules to detect and enable response to phishing

☆414May 9, 2020Updated 5 years ago

Alternatives and similar repositories for SwiftFilter

Users that are interested in SwiftFilter are comparing it to the libraries listed below

• SwiftOnSecurity / OrgKit

  View on GitHub
  Provision a brand-new company with proper defaults in Windows, Offic365, and Azure
  ☆615Aug 17, 2024Updated last year
• SwiftOnSecurity / PhishingRegex

  View on GitHub
  Backup of my phishing regular expression testing bench
  ☆151Mar 20, 2017Updated 9 years ago
• SwiftOnSecurity / OfficeDeployFramework

  View on GitHub
  A batch script to demonstrate complex Microsoft Office deployments
  ☆92May 10, 2018Updated 7 years ago
• SwiftOnSecurity / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆5,430Jul 3, 2024Updated last year
• palantir / windows-event-forwarding

  View on GitHub
  A repository for using windows event forwarding for incident detection and response
  ☆1,300Sep 8, 2025Updated 6 months ago
• MHaggis / sysmon-dfir

  View on GitHub
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆938Dec 12, 2023Updated 2 years ago
• jepayneMSFT / WEFFLES

  View on GitHub
  Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
  ☆201Dec 11, 2017Updated 8 years ago
• ion-storm / sysmon-config

  View on GitHub
  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …
  ☆822Nov 5, 2023Updated 2 years ago
• LogRhythm-Labs / PIE

  View on GitHub
  The Phishing Intelligence Engine - An Active Defense PowerShell Framework for Phishing Defense with Office 365
  ☆180Apr 13, 2020Updated 5 years ago
• OfficeDev / O365-InvestigationTooling

  View on GitHub
  ☆585Oct 9, 2020Updated 5 years ago
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,576Sep 21, 2025Updated 6 months ago
• nsacyber / Event-Forwarding-Guidance

  View on GitHub
  Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…
  ☆882Nov 17, 2020Updated 5 years ago
• l0ss / Grouper

  View on GitHub
  A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
  ☆737Feb 5, 2019Updated 7 years ago
• JohnLaTwC / PyPowerShellXray

  View on GitHub
  Python script to decode common encoded PowerShell scripts
  ☆217Jun 13, 2018Updated 7 years ago
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,384Feb 10, 2026Updated last month
• Invoke-IR / PowerForensics

  View on GitHub
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,427Nov 16, 2023Updated 2 years ago
• nsacyber / Windows-Secure-Host-Baseline

  View on GitHub
  Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
  ☆1,592Dec 24, 2022Updated 3 years ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,994Aug 21, 2024Updated last year
• philhagen / sof-elk

  View on GitHub
  Configuration files for the SOF-ELK VM
  ☆1,723Jan 21, 2026Updated 2 months ago
• palantir / osquery-configuration

  View on GitHub
  A repository for using osquery for incident detection and response
  ☆882Sep 8, 2025Updated 6 months ago
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,640Nov 22, 2022Updated 3 years ago
• DearBytes / Opensource-Endpoint-Monitoring

  View on GitHub
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆35Jul 8, 2019Updated 6 years ago
• LMGsec / Magic-Unicorn-Tool

  View on GitHub
  ☆262Jul 6, 2018Updated 7 years ago
• PaulSec / awesome-windows-domain-hardening

  View on GitHub
  A curated list of awesome Security Hardening techniques for Windows.
  ☆1,787Jan 7, 2020Updated 6 years ago
• 1aN0rmus / vtTracker

  View on GitHub
  Monitor JSON notifications feed from VT
  ☆17Jun 13, 2017Updated 8 years ago
• TKCERT / sysmon-config

  View on GitHub
  Please see other maintained fork:
  ☆17Dec 4, 2025Updated 3 months ago
• mattifestation / CimSweep

  View on GitHub
  CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…
  ☆657Aug 19, 2019Updated 6 years ago
• MHaggis / hunt-detect-prevent

  View on GitHub
  Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
  ☆168Dec 10, 2018Updated 7 years ago
• bwya77 / O365-Admin-Center

  View on GitHub
  The O365 Admin Center is a GUI application that administrators can use to administer every aspect of Office 365 including Exchange Online…
  ☆303May 2, 2019Updated 6 years ago
• endgameinc / noteclass

  View on GitHub
  ☆13Aug 11, 2018Updated 7 years ago
• ceramicskate0 / SWELF

  View on GitHub
  Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…
  ☆24Jun 20, 2023Updated 2 years ago
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,501Jan 12, 2026Updated 2 months ago
• JPCERTCC / LogonTracer

  View on GitHub
  Investigate malicious Windows logon by visualizing and analyzing Windows event log
  ☆3,137Oct 19, 2025Updated 5 months ago
• gpoguy / GetVulnerableGPO

  View on GitHub
  PowerShell script to find 'vulnerable' security-related GPOs that should be hardended
  ☆198Jun 1, 2018Updated 7 years ago
• outflanknl / Invoke-ADLabDeployer

  View on GitHub
  Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.
  ☆492Feb 16, 2019Updated 7 years ago
• danielbohannon / Revoke-Obfuscation

  View on GitHub
  PowerShell Obfuscation Detection Framework
  ☆751Dec 1, 2023Updated 2 years ago
• microsoft / Microsoft-365-Defender-Hunting-Queries

  View on GitHub
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,053Feb 17, 2022Updated 4 years ago
• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,921Jul 6, 2024Updated last year