bobby-tablez / Enable-All-The-LogsLinks
This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might want to tune the GPO edits as needed.
☆34Updated 6 months ago
Alternatives and similar repositories for Enable-All-The-Logs
Users that are interested in Enable-All-The-Logs are comparing it to the libraries listed below
Sorting:
- MS Graph Commands and Tools for Blue Teamers☆50Updated last year
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆49Updated 2 months ago
- Detection rule validation☆40Updated 2 years ago
- ☆52Updated 2 months ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated 2 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆159Updated 6 months ago
- A GUI to query the API of abuse.ch.☆70Updated 3 years ago
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆79Updated 6 months ago
- Initial triage of Windows Event logs☆102Updated last year
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.☆17Updated 2 years ago
- This Repository gives the best and possible strategies against hunting the ransomware☆26Updated 3 years ago
- yara detection rules for hunting with the threathunting-keywords project☆150Updated 5 months ago
- CarbonBlack EDR detection rules and response actions☆73Updated last year
- ESXi Cyber Security Incident Response Script☆25Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆54Updated 10 months ago
- Contains compiled binaries of Volatility☆37Updated 5 months ago
- ☆22Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents☆117Updated 2 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆68Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Updated 4 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆125Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project☆56Updated 7 months ago
- Baseline a Windows System against LOLBAS☆68Updated last year
- ☆53Updated 2 weeks ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.☆57Updated 4 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆73Updated 4 months ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec…☆32Updated 8 months ago
- Tools and scripts to deploy and manage OpenRelik instances☆15Updated 4 months ago
- Simulation of Akira Ransomware with Invoke-AtomicTest☆16Updated last year
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.☆68Updated last year