bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, building detections, or malware analysis. It can be used in production, though you may want to tune the GPO edits as needed.
☆22 · Updated 2 months ago
Related projects
Alternatives and complementary repositories for Enable-All-The-Logs
- Bloodhound Portable for Windows ☆51 · Updated last year
- Triaging Windows event logs based on SANS Poster ☆37 · Updated last year
- MS Graph Commands and Tools for Blue Teamers ☆48 · Updated 11 months ago
- A proof-of-concept re-assembler for reverse VNC traffic. ☆25 · Updated last year
- ESXi Cyber Security Incident Response Script ☆20 · Updated 2 months ago
- VTC - Velociraptor Timeline Creator ☆15 · Updated 5 months ago
- An experimental Velociraptor implementation using cloud infrastructure ☆21 · Updated this week
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. ☆34 · Updated 3 months ago
- Create a "simulated internet" cyber range environment ☆13 · Updated last month
- Simple PowerShell script to enable process scanning with Yara. ☆90 · Updated 2 years ago
- Detection rule validation ☆41 · Updated last year
- Baseline a Windows System against LOLBAS ☆24 · Updated 6 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆49 · Updated 5 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests. ☆50 · Updated last year
- Initial triage of Windows Event logs ☆89 · Updated 4 months ago
- Placeholder for my detection repo and misc detection engineering content ☆43 · Updated last year
- IOCPARSER.COM is a fast and reliable service that enables you to extract IOCs and intelligence from different data sources. ☆34 · Updated 2 years ago
- Evtx Log (xml) Browser ☆55 · Updated last year
- Multi-service asynchronous honeypot solution with real-time threat detection ☆25 · Updated last month
- This is a repo for fetching AppLocker event logs by parsing the Windows event log ☆30 · Updated 2 years ago
- CIS Benchmark testing of Windows SIEM configuration ☆43 · Updated last year
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex. ☆27 · Updated last year
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. ☆25 · Updated 2 years ago
- Threat Simulator for Enterprise Networks ☆14 · Updated 2 years ago
- A GUI to query the API of abuse.ch. ☆70 · Updated 2 years ago
- An Adaptive Misuse Detection System ☆29 · Updated this week
- Repository that contains random short projects like write-ups, PowerShell scripts, and more. ☆26 · Updated this week
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 ☆20 · Updated last month
- Assist analysts and threat hunters to understand Windows authentication logs and to analyze brute-force scenarios. ☆18 · Updated last year
- ☆37 · Updated 2 years ago