akapv / Sysmon_to_AdvancedHunting_KQLLinks
☆10Updated 4 years ago
Alternatives and similar repositories for Sysmon_to_AdvancedHunting_KQL
Users that are interested in Sysmon_to_AdvancedHunting_KQL are comparing it to the libraries listed below
Sorting:
- ☆21Updated 3 years ago
- OSSEM Modular☆27Updated 5 years ago
- Manticore Adversary Emulation Cli☆48Updated 4 years ago
- Windows Security Logging☆43Updated 2 years ago
- C# User Simulation☆32Updated 2 years ago
- Continuous kerberoast monitor☆45Updated last year
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- ☆27Updated 4 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 3 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- Speaking materials from conferences I've given☆9Updated 2 years ago
- gundog - guided hunting in Microsoft Defender☆52Updated 4 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated 2 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 4 years ago
- ☆42Updated this week
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆37Updated 5 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- BloodHound Data Scanner☆45Updated 5 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 3 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆35Updated 3 years ago
- ☆38Updated 3 years ago
- Windows stuff☆16Updated 5 years ago
- Enumerate Microsoft 365 Groups in a tenant with their metadata☆53Updated 4 years ago
- Terraform script to deploy AD-based environment on Azure☆41Updated 2 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Updated 6 years ago
- A location where I save and share notes about security topics.☆11Updated 5 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Fake SMB and SAMR data☆11Updated 5 years ago