bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, and for malware analysis. It can be used in production, but you may want to tune the GPO edits as needed.
36 stars, updated 8 months ago
Alternatives and similar repositories for Enable-All-The-Logs
Users that are interested in Enable-All-The-Logs are comparing it to the libraries listed below
- MS Graph Commands and Tools for Blue Teamers (52 stars, updated 2 years ago)
- ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections. (81 stars, updated 7 months ago)
- Detection rule validation (40 stars, updated 2 years ago)
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… (49 stars, updated 3 months ago)
- A GUI to query the API of abuse.ch. (70 stars, updated 3 years ago)
- Baseline a Windows System against LOLBAS (69 stars, updated last year)
- 52 stars, updated 3 months ago
- Initial triage of Windows Event logs (104 stars, updated last year)
- Placeholder for my detection repo and misc detection engineering content (42 stars, updated 2 years ago)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (125 stars, updated last year)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (34 stars, updated 5 months ago)
- 74 stars, updated last week
- Contains compiled binaries of Volatility (37 stars, updated 6 months ago)
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. (159 stars, updated 8 months ago)
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. (57 stars, updated 6 months ago)
- 53 stars, updated 2 months ago
- ASR Configurator, Essentials and Atomic Testing (99 stars, updated 7 months ago)
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on (84 stars, updated last year)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (54 stars, updated last year)
- God Mode Detection Rules (134 stars, updated last year)
- Repository for different Windows DFIR related CMDs, PowerShell cmdlets, etc., plus workshops that I did for different conferences or event… (78 stars, updated 4 years ago)
- CarbonBlack EDR detection rules and response actions (73 stars, updated last year)
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. (34 stars, updated last year)
- VTC - Velociraptor Timeline Creator (19 stars, updated last year)
- 22 stars, updated 2 years ago
- A C# based tool for analysing malicious OneNote documents (118 stars, updated 2 years ago)
- Bash script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response. (43 stars, updated 2 years ago)
- Linux Baseline and Forensic Triage Tool - BETA (57 stars, updated 3 years ago)
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… (32 stars, updated 9 months ago)
- This repository gives the best possible strategies for hunting ransomware (26 stars, updated 3 years ago)