bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, or for malware analysis. It can be used in production, although you might want to tune the GPO edits as needed.
☆30, updated last month
Alternatives and similar repositories for Enable-All-The-Logs
Users who are interested in Enable-All-The-Logs are comparing it to the repositories listed below.
- MS Graph Commands and Tools for Blue Teamers (☆49, updated last year)
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. (☆34, updated 10 months ago)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (☆52, updated 5 months ago)
- Bloodhound Portable for Windows (☆51, updated 2 years ago)
- Detection rule validation (☆41, updated last year)
- 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections. (☆74, updated last month)
- Living off the False Positive! (☆37, updated 4 months ago)
- Placeholder for my detection repo and misc detection engineering content (☆43, updated last year)
- Baseline a Windows System against LOLBAS (☆27, updated last year)
- Create a "simulated internet" cyber range environment (☆16, updated this week)
- Simulation of Akira Ransomware with Invoke-AtomicTest (☆16, updated 10 months ago)
- This repository gives the best possible strategies for hunting ransomware (☆26, updated 2 years ago)
- CIS Benchmark testing of Windows SIEM configuration (☆44, updated 2 years ago)
- CarbonBlack EDR detection rules and response actions (☆71, updated 8 months ago)
- (no description) (☆32, updated last year)
- Providing Azure pipelines to create an infrastructure and run Atomic tests. (☆52, updated last year)
- ESXi Cyber Security Incident Response Script (☆22, updated 8 months ago)
- Triaging Windows event logs based on SANS Poster (☆39, updated 2 years ago)
- ShellSweeping the evil. (☆52, updated 11 months ago)
- A quick reference guide for Python script development in DFIR (☆17, updated last year)
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… (☆47, updated last year)
- Contains compiled binaries of Volatility (☆33, updated 2 weeks ago)
- Bash script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response. (☆43, updated last year)
- A repository containing the research output from my GCFE Gold Paper, which compared Windows 10 and Windows 11. (☆27, updated 2 years ago)
- A simple tool designed to create Atomic Red Team tests with ease. (☆43, updated 2 months ago)
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition (☆63, updated 2 years ago)
- Linux Baseline and Forensic Triage Tool - BETA (☆55, updated 2 years ago)
- BlueBox Malware Analysis Box and Cyber Threat Intelligence. (☆42, updated 3 years ago)
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them (☆33, updated last month)
- Tools and scripts to deploy and manage OpenRelik instances (☆13, updated 3 months ago)