bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, or for malware analysis. It can be used in production; however, you might want to tune the GPO edits as needed.
☆33 · Updated 4 months ago
Alternatives and similar repositories for Enable-All-The-Logs
Users that are interested in Enable-All-The-Logs are comparing it to the libraries listed below
- MS Graph Commands and Tools for Blue Teamers · ☆50 · Updated last year
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… · ☆49 · Updated this week
- A GUI to query the API of abuse.ch. · ☆70 · Updated 3 years ago
- Detection rule validation · ☆41 · Updated last year
- Baseline a Windows System against LOLBAS · ☆29 · Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… · ☆53 · Updated 8 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… · ☆125 · Updated last year
- Placeholder for my detection repo and misc detection engineering content · ☆42 · Updated last year
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. · ☆157 · Updated 4 months ago
- ASR Configurator, Essentials and Atomic Testing · ☆88 · Updated 4 months ago
- (no description) · ☆53 · Updated last week
- (no description) · ☆53 · Updated 3 months ago
- ESXi Cyber Security Incident Response Script · ☆25 · Updated 11 months ago
- Sigma detection rules for hunting with the threathunting-keywords project · ☆56 · Updated 5 months ago
- Tools and scripts to deploy and manage OpenRelik instances · ☆14 · Updated 2 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations · ☆93 · Updated last week
- 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections. · ☆78 · Updated 4 months ago
- CarbonBlack EDR detection rules and response actions · ☆71 · Updated 11 months ago
- Evtx Log (xml) Browser · ☆56 · Updated 2 years ago
- Initial triage of Windows Event logs · ☆102 · Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. · ☆34 · Updated last year
- yara detection rules for hunting with the threathunting-keywords project · ☆127 · Updated 3 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… · ☆69 · Updated 2 months ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them · ☆33 · Updated last month
- An exercise to practice deobfuscating PowerShell Scripts. · ☆26 · Updated 2 years ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on · ☆82 · Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file · ☆86 · Updated 6 months ago
- God Mode Detection Rules · ☆134 · Updated last year
- (no description) · ☆22 · Updated 2 years ago
- Full of public notes and Utilities · ☆128 · Updated 6 months ago