Please see other maintained fork:
☆17 · Dec 4, 2025 · Updated 2 months ago
Alternatives and similar repositories for sysmon-config
Users that are interested in sysmon-config are comparing it to the libraries listed below
- Appendix resources for Intrinsec's "Amélioration des capacités de détection" handbook. (☆13 · Mar 26, 2018 · Updated 7 years ago)
- List of netblocks with shared hosting on 20170330 (☆10 · Apr 10, 2017 · Updated 8 years ago)
- Suricata rules to detect Winnti communication (☆16 · Mar 5, 2018 · Updated 7 years ago)
- Various snippets created during malware analysis (☆22 · Apr 29, 2018 · Updated 7 years ago)
- This repository is a curated list of pro bono incident response entities. (☆21 · Jun 21, 2023 · Updated 2 years ago)
- Network detector for Winnti malware (☆21 · Mar 6, 2018 · Updated 7 years ago)
- Defender for Endpoint (☆28 · Jul 12, 2024 · Updated last year)
- Basic Auth Phish page (☆25 · Sep 11, 2017 · Updated 8 years ago)
- PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk (☆30 · Oct 4, 2016 · Updated 9 years ago)
- Log Examination Tool (☆27 · Oct 11, 2016 · Updated 9 years ago)
- Generates visualizations from the output of flow tools such as SiLK. (☆35 · Dec 8, 2016 · Updated 9 years ago)
- A collection of bro_scripts and signatures (☆27 · Jun 26, 2019 · Updated 6 years ago)
- Understanding ATT&CK Matrix for Enterprise (☆79 · May 16, 2018 · Updated 7 years ago)
- Start here! (☆11 · Feb 19, 2020 · Updated 6 years ago)
- Reconstruct process trees from event logs (☆147 · Aug 12, 2020 · Updated 5 years ago)
- Splunk App to assist Sysmon Threat Hunting (☆38 · Mar 7, 2017 · Updated 8 years ago)
- Automated Memory Forensic (☆34 · Jul 18, 2018 · Updated 7 years ago)
- A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to s… (☆82 · Nov 29, 2015 · Updated 10 years ago)
- The Sentinel.blog Repository provides automation tools for updating Analytics Rules, Content Hub Solutions, and Workbooks, eliminating re… (☆17 · Updated this week)
- Generate a Yara rule to find base64-encoded files containing a specific keyword (☆40 · Jul 13, 2018 · Updated 7 years ago)
- Additional READMEs for XSOAR and XSOAR-related things (☆14 · Oct 4, 2023 · Updated 2 years ago)
- Tools for parsing forensic images (☆41 · Dec 14, 2018 · Updated 7 years ago)
- Code examples from recent blog posts by Minerva Labs. (☆45 · Jan 26, 2019 · Updated 7 years ago)
- Telegram Bot that performs checks of the yararules.com ruleset (☆13 · May 13, 2016 · Updated 9 years ago)
- Files and guides related to using Elastic Stack as a SIEM (☆12 · May 16, 2020 · Updated 5 years ago)
- How can you track the hunting techniques you come up with? (☆13 · Sep 3, 2017 · Updated 8 years ago)
- Small and highly portable detection tests. (☆12 · Oct 12, 2017 · Updated 8 years ago)
- 🌦️ Domain Ranker (☆16 · Sep 7, 2019 · Updated 6 years ago)
- Resources, articles, thoughts, datasets, papers on TI tradecraft (☆11 · Aug 24, 2018 · Updated 7 years ago)
- Method of finding interesting domains using keywords + JARMs (☆13 · Jan 30, 2023 · Updated 3 years ago)
- A Catalog of Application Whitelisting Bypass Techniques (☆11 · Jul 14, 2017 · Updated 8 years ago)
- The Outlook HTML Leak Test Project (☆41 · May 12, 2018 · Updated 7 years ago)
- REST API based malware repository (abandoned) (☆107 · Apr 4, 2015 · Updated 10 years ago)
- KERnano: The No-install Python Pen Testing kit. (Windows & Linux) (☆13 · Sep 2, 2022 · Updated 3 years ago)
- Cmdlets for capturing Windows Events (☆14 · Mar 11, 2022 · Updated 3 years ago)
- PSSH provides parallel versions of OpenSSH and related tools. (☆17 · Nov 26, 2022 · Updated 3 years ago)
- AzureLogLibrary - repository used for Azure logging with ARM templates, scripts, and documentation to deploy DCRs, extensions, etc. (☆14 · Aug 11, 2023 · Updated 2 years ago)