bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, and for malware analysis. It can be used in production, but you may want to tune the GPO edits as needed.
☆25 · Updated last month
Alternatives and similar repositories for Enable-All-The-Logs:
Users interested in Enable-All-The-Logs are comparing it to the repositories listed below:
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries (☆34 · Updated 7 months ago)
- MS Graph Commands and Tools for Blue Teamers (☆49 · Updated last year)
- Placeholder for my detection repo and misc detection engineering content (☆43 · Updated last year)
- Bloodhound Portable for Windows (☆51 · Updated last year)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (☆51 · Updated 3 months ago)
- ASR Configurator, Essentials and Atomic Testing (☆37 · Updated 4 months ago)
- Sigma detection rules for hunting with the threathunting-keywords project (☆55 · Updated last week)
- Detection rule validation (☆41 · Updated last year)
- Baseline a Windows System against LOLBAS (☆25 · Updated 10 months ago)
- Create a "simulated internet" cyber range environment (☆15 · Updated last month)
- This repository contains supplemental items including IOCs and signatures discussed in Huntress blog posts and other media. (☆35 · Updated 3 months ago)
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… (☆47 · Updated 11 months ago)
- Threat Simulator for Enterprise Networks (☆14 · Updated 2 years ago)
- ESXi Cyber Security Incident Response Script (☆23 · Updated 6 months ago)
- Living off the False Positive! (☆34 · Updated last month)
- A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding … (☆27 · Updated 4 months ago)
- Send High & New Incidents to The Hive incident management platform (☆18 · Updated 4 years ago)
- An experimental Velociraptor implementation using cloud infrastructure (☆23 · Updated this week)
- Initial triage of Windows Event logs (☆95 · Updated 8 months ago)
- Repository that contains random short projects like write-ups, PowerShell scripts, and more. (☆28 · Updated 3 months ago)
- Providing Azure pipelines to create an infrastructure and run Atomic tests. (☆51 · Updated last year)
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form (☆105 · Updated 3 months ago)
- Collection of videos of raids on cybercriminals (☆18 · Updated 5 months ago)
- A GUI to query the API of abuse.ch. (☆70 · Updated 2 years ago)
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX. (☆16 · Updated 3 months ago)
- VTC - Velociraptor Timeline Creator (☆15 · Updated 9 months ago)
- Windows Security Logging (☆43 · Updated 2 years ago)
- User Feedback Space of #MitreAssistant (☆37 · Updated last year)
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. (☆36 · Updated last year)