bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for the purposes of advanced malware threat detection, building detections, or malware analysis. It can be used in production, but you may want to tune the GPO edits as needed.
☆32 · Updated 3 months ago
Alternatives and similar repositories for Enable-All-The-Logs
Users that are interested in Enable-All-The-Logs are comparing it to the repositories listed below.
- MS Graph Commands and Tools for Blue Teamers ☆50 · Updated last year
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… ☆49 · Updated last year
- Placeholder for my detection repo and misc detection engineering content ☆42 · Updated last year
- Detection rule validation ☆41 · Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆52 · Updated 8 months ago
- Initial triage of Windows Event logs ☆102 · Updated last year
- 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections. ☆77 · Updated 3 months ago
- A GUI to query the API of abuse.ch. ☆70 · Updated 3 years ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆124 · Updated last year
- (no description) ☆52 · Updated 2 weeks ago
- Contains compiled binaries of Volatility ☆34 · Updated 2 months ago
- Simulation of Akira Ransomware with Invoke-AtomicTest ☆17 · Updated last year
- Evtx Log (xml) Browser ☆56 · Updated 2 years ago
- Baseline a Windows System against LOLBAS ☆27 · Updated last year
- ESXi Cyber Security Incident Response Script ☆25 · Updated 11 months ago
- Linux Baseline and Forensic Triage Tool - BETA ☆57 · Updated 2 years ago
- Simple script to help you find all files that have been modified, accessed, or created within a given time range. ☆27 · Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents ☆114 · Updated 2 years ago
- A really good DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals. ☆154 · Updated 4 months ago
- (no description) ☆53 · Updated 3 months ago
- Tools and scripts to deploy and manage OpenRelik instances ☆14 · Updated last month
- This repository gives the best possible strategies for hunting ransomware ☆26 · Updated 2 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc., plus workshops that I did for different conferences or event… ☆78 · Updated 4 years ago
- (no description) ☆22 · Updated 2 years ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries. ☆34 · Updated last year
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… ☆68 · Updated last month
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. ☆55 · Updated last month
- An exercise to practice deobfuscating PowerShell scripts. ☆26 · Updated 2 years ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆69 · Updated last year
- CarbonBlack EDR detection rules and response actions ☆71 · Updated 10 months ago