Sysmon configuration file templates with advanced event tracing and blocking
☆57 · May 8, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for sysmon-config
Users who are interested in sysmon-config are comparing it to the repositories listed below.
- A Compiler from Sigma rules to VQL ☆19 · May 18, 2026 · Updated last week
- Sysmon configuration file template with default high-quality event tracing ☆592 · Jan 21, 2026 · Updated 4 months ago
- a Pixie Plus integration for Home Assistant ☆11 · May 3, 2026 · Updated 3 weeks ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR … ☆13 · Sep 27, 2022 · Updated 3 years ago
- YubiKey Smart Card Minidriver Administrative Template (ADMX) ☆18 · Jun 23, 2024 · Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that were used by adversaries in their intrusions. T… ☆152 · May 3, 2026 · Updated 3 weeks ago
- An open-source log viewer inspired by Microsoft's CMTrace.exe. ☆196 · Updated this week
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses. ☆22 · Sep 30, 2022 · Updated 3 years ago
- With the help of this docker image, you can easily access PEzor on your system! ☆15 · Mar 10, 2022 · Updated 4 years ago
- Scapy hands-on at #GreHack17 ☆17 · Nov 14, 2017 · Updated 8 years ago
- ☆14 · Mar 28, 2018 · Updated 8 years ago
- Claude Code hook that detects context compaction and injects a reminder to re-read AGENTS.md, preventing post-compaction rule amnesia in … ☆43 · Apr 29, 2026 · Updated 3 weeks ago
- A community terraform provider for Microsoft 365 for configuration as code workflows. It can interface with both MS Graph v1.0 & MS Graph… ☆52 · May 18, 2026 · Updated last week
- ☆78 · Jun 25, 2019 · Updated 6 years ago
- Takes in scan reports from the GVM PostgreSQL Database and dumps them into Elasticsearch ☆14 · Aug 18, 2023 · Updated 2 years ago
- A security checking tool ☆113 · Feb 4, 2026 · Updated 3 months ago
- Google Filestream Forensic Tool ☆22 · Mar 10, 2022 · Updated 4 years ago
- ☆15 · May 10, 2020 · Updated 6 years ago
- Anything Sysmon related from the MSTIC R&D team ☆157 · Jun 8, 2024 · Updated last year
- ☆33 · Mar 24, 2026 · Updated 2 months ago
- Windows 11 Upgrade Scripts ☆16 · Jun 23, 2023 · Updated 2 years ago
- Collection of scripts provided for public use ☆43 · Updated this week
- ☆57 · Apr 30, 2026 · Updated 3 weeks ago
- ☆12 · Oct 20, 2022 · Updated 3 years ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts ☆136 · Dec 23, 2025 · Updated 5 months ago
- Takajō (鷹匠) is a Hayabusa results analyzer. ☆159 · May 11, 2026 · Updated 2 weeks ago
- Microsoft Office365 Protection Center Audit Log Parser ☆27 · Jul 17, 2023 · Updated 2 years ago
- Office365 Outlook and Exchange 2016 REST PowerShell library ☆51 · Mar 30, 2022 · Updated 4 years ago
- KQL Queries ☆40 · May 13, 2026 · Updated last week
- Display simple toast notification for user in System context when running a Proactive Remediation script ☆14 · Nov 2, 2020 · Updated 5 years ago
- The only PowerShell script you need to manage registry on Windows devices using Microsoft Intune Remediations ☆32 · Mar 1, 2026 · Updated 2 months ago
- Zero-dependency Linux memory forensics PoC: leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external d… ☆159 · Updated this week
- WIP: A MCP server to search, install, uninstall all your MCP servers or services for your Claude App (or more) ☆17 · Jan 6, 2025 · Updated last year
- ☆11 · Aug 9, 2024 · Updated last year
- Protect your Domain Controllers by auditing and restricting LDAP requests ☆189 · May 29, 2025 · Updated 11 months ago
- Automatically generated Sysmon parser for Azure Sentinel ☆18 · Jan 6, 2026 · Updated 4 months ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox. ☆12 · Jul 13, 2017 · Updated 8 years ago
- A password validation and generation tool kit ☆13 · Jan 7, 2023 · Updated 3 years ago
- prometheus with AspNetCore ☆10 · Sep 23, 2020 · Updated 5 years ago