bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, and for malware analysis. It can be used in production, but you will probably want to tune the GPO edits it makes to fit your environment and log volume.
☆31 · Updated 2 months ago
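The kind of change such a script's GPO edits make, shown as an added PowerShell example (this is not the project's own code): it enables PowerShell script block and module logging, turns on process-creation auditing with the full command line, and enlarges the relevant event log channels so events are not rotated out before collection. It assumes an elevated PowerShell session on a Windows host; the registry paths are the documented policy keys, but the log sizes are arbitrary starting values. Note that values written locally under the Policies keys are overwritten by domain GPO on the next refresh, which is why the same settings are normally pushed through a GPO in a managed environment.

```powershell
#Requires -RunAsAdministrator
# Added example, not part of Enable-All-The-Logs. Turns on a few high-value
# telemetry sources locally. Domain GPO overrides these keys on refresh, so in a
# managed environment make the equivalent edits in the GPO instead.

function Set-PolicyValue {
    param([string]$Path, [string]$Name, $Value, [string]$Type = 'DWord')
    if (-not (Test-Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $Type -Force | Out-Null
}

# PowerShell script block logging (Event ID 4104, Microsoft-Windows-PowerShell/Operational)
Set-PolicyValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging' 'EnableScriptBlockLogging' 1

# PowerShell module logging for all modules (Event ID 4103); '*' = '*' means every module
Set-PolicyValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging' 'EnableModuleLogging' 1
Set-PolicyValue 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging\ModuleNames' '*' '*' 'String'

# Include the command line in process creation events (Security Event ID 4688)
Set-PolicyValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit' 'ProcessCreationIncludeCmdLine_Enabled' 1

# Audit subcategories that 4688/4689 depend on; without these the registry flag above does nothing
auditpol.exe /set /subcategory:"Process Creation" /success:enable /failure:enable | Out-Null
auditpol.exe /set /subcategory:"Process Termination" /success:enable | Out-Null

# Verbose logging fills channels quickly. Sizes below (256 MB / 1 GB) are an
# assumed starting point; tune them to your forwarding interval and disk budget.
wevtutil.exe sl "Microsoft-Windows-PowerShell/Operational" /ms:268435456
wevtutil.exe sl Security /ms:1073741824

# Verify the result before trusting the telemetry
Get-ItemProperty 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging' |
    Select-Object EnableScriptBlockLogging
auditpol.exe /get /subcategory:"Process Creation"
```

Run it once, then check that a test `powershell -c "Write-Host hi"` produces both a 4688 with the command line in the Security log and a 4104 in the PowerShell Operational log; if either is missing, a domain GPO has most likely reverted the local key.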
Alternatives and similar repositories for Enable-All-The-Logs
Users interested in Enable-All-The-Logs are comparing it to the repositories listed below.
- MS Graph Commands and Tools for Blue Teamers☆50Updated last year
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.☆34Updated 11 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆52Updated 6 months ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- Baseline a Windows System against LOLBAS☆27Updated last year
- Living off the False Positive!☆37Updated 4 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆55Updated 3 months ago
- 🧰 ESXi Testing Toolkit is a command-line utility designed to help security teams test ESXi detections.☆75Updated 2 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 9 months ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom…☆48Updated last year
- Tools and scripts to deploy and manage OpenRelik instances☆14Updated last week
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆52Updated last year
- ESXi Cyber Security Incident Response Script☆23Updated 9 months ago
- This repository collects practical strategies for hunting ransomware.☆26Updated 2 years ago
- Bloodhound Portable for Windows☆51Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Updated last month
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- Threat Simulator for Enterprise Networks☆14Updated 3 years ago
- Detection rule validation☆41Updated last year
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆45Updated 2 months ago
- A GUI to query the API of abuse.ch.☆70Updated 2 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios.☆18Updated last year
- A simple tool designed to create Atomic Red Team tests with ease.☆44Updated 3 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆124Updated last year
- VTC - Velociraptor Timeline Creator☆18Updated last year
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆26Updated 7 months ago