Please see other maintained fork:
☆17, Dec 4, 2025, updated 3 months ago
Alternatives and similar repositories for sysmon-config
Users that are interested in sysmon-config are comparing it to the libraries listed below
- Suricata rules to detect Winnti communication (☆16, Mar 5, 2018, updated 8 years ago)
- Appendix resources for Intrinsec's "Amélioration des capacités de détection" handbook (☆13, Mar 26, 2018, updated 7 years ago)
- Network detector for Winnti malware (☆21, Mar 6, 2018, updated 8 years ago)
- (☆17, Sep 14, 2017, updated 8 years ago)
- This repository is a curated list of pro bono incident response entities (☆21, Jun 21, 2023, updated 2 years ago)
- List of netblocks with shared hosting on 20170330 (☆10, Apr 10, 2017, updated 8 years ago)
- Script to install pentest tools on Alpine Linux (☆12, Jul 3, 2015, updated 10 years ago)
- Various snippets created during malware analysis (☆22, Apr 29, 2018, updated 7 years ago)
- Nmap script to scan for Winnti infections (☆71, May 22, 2018, updated 7 years ago)
- (☆53, Mar 4, 2019, updated 7 years ago)
- (☆107, Mar 25, 2025, updated 11 months ago)
- Pull author and committer names and emails from Travis-CI (☆11, Aug 9, 2020, updated 5 years ago)
- Tools for parsing forensic images (☆41, Dec 14, 2018, updated 7 years ago)
- Understanding ATT&CK Matrix for Enterprise (☆79, May 16, 2018, updated 7 years ago)
- Defender for Endpoint (☆28, Jul 12, 2024, updated last year)
- Small and highly portable detection tests (☆12, Oct 12, 2017, updated 8 years ago)
- A Python implementation of send_arp.c from the linux-ha project (☆16, Apr 25, 2016, updated 9 years ago)
- Log Examination Tool (☆27, Oct 11, 2016, updated 9 years ago)
- PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk (☆30, Oct 4, 2016, updated 9 years ago)
- Basic Auth phish page (☆25, Sep 11, 2017, updated 8 years ago)
- Generates visualizations from the output of flow tools such as SiLK (☆35, Dec 8, 2016, updated 9 years ago)
- A collection of bro_scripts and signatures (☆27, Jun 26, 2019, updated 6 years ago)
- (☆17, Apr 20, 2022, updated 3 years ago)
- This PowerShell module allows you to create Microsoft Word documents without Word being installed on the machine (☆13, Oct 7, 2022, updated 3 years ago)
- KERnano: The No-install Python Pen Testing kit (Windows & Linux) (☆13, Sep 2, 2022, updated 3 years ago)
- This repository contains examples of micro virtual machines (microVMs) that can be run using Firecracker (☆23, Jan 22, 2019, updated 7 years ago)
- Reconstruct process trees from event logs (☆147, Aug 12, 2020, updated 5 years ago)
- Automated memory forensics (☆34, Jul 18, 2018, updated 7 years ago)
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode (☆27, Jun 25, 2024, updated last year)
- Splunk app to assist Sysmon threat hunting (☆38, Mar 7, 2017, updated 9 years ago)
- ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a se… (☆70, Mar 9, 2015, updated 11 years ago)
- Rules I have researched for Sentinel in my spare time. If someone wants to offer me a job I am open. Anyone can use this. Please credit m… (☆17, Jan 24, 2025, updated last year)
- PowerShell utilities for security situational awareness (☆13, Jan 10, 2017, updated 9 years ago)
- How to send Windows event logs into Graylog (☆20, Oct 20, 2025, updated 5 months ago)
- 📖 TypeScript client for Kindle's unofficial API (☆14, Oct 7, 2024, updated last year)
- A set of Maltego transforms for VirusTotal Public API v2.0. This set has the added functionality of caching queries on a daily basis to s… (☆82, Nov 29, 2015, updated 10 years ago)
- Script for pulling events from a MISP database and converting them to AutoFocus queries (☆13, Dec 28, 2015, updated 10 years ago)
- REST API based malware repository (abandoned) (☆107, Apr 4, 2015, updated 10 years ago)
- Additional READMEs for XSOAR and XSOAR-related things (☆14, Oct 4, 2023, updated 2 years ago)