bobby-tablez / Enable-All-The-LogsLinks
This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might want to tune the GPO edits as needed.
☆35Updated 7 months ago
Alternatives and similar repositories for Enable-All-The-Logs
Users that are interested in Enable-All-The-Logs are comparing it to the libraries listed below
Sorting:
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆49Updated 2 months ago
- MS Graph Commands and Tools for Blue Teamers☆51Updated 2 years ago
- Linux Baseline and Forensic Triage Tool - BETA☆57Updated 3 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆34Updated 4 months ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆159Updated 7 months ago
- An exercise to practice deobfuscating PowerShell Scripts.☆26Updated 2 years ago
- Tools and scripts to deploy and manage OpenRelik instances☆14Updated 5 months ago
- Initial triage of Windows Event logs☆103Updated last year
- ☆52Updated 3 months ago
- Detection rule validation☆40Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents☆118Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated 2 years ago
- Baseline a Windows System against LOLBAS☆69Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)☆67Updated 2 years ago
- A GUI to query the API of abuse.ch.☆70Updated 3 years ago
- CarbonBlack EDR detection rules and response actions☆73Updated last year
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.☆57Updated 5 months ago
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆79Updated 7 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆73Updated 5 months ago
- ASR Configurator, Essentials and Atomic Testing☆99Updated 7 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆125Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆54Updated 11 months ago
- God Mode Detection Rules☆134Updated last year
- This Repository gives the best and possible strategies against hunting the ransomware☆26Updated 3 years ago
- ☆22Updated 2 years ago
- Contains compiled binaries of Volatility☆37Updated 6 months ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- Sigma detection rules for hunting with the threathunting-keywords project☆56Updated 8 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆83Updated last year
- A collection of various SIEM rules relating to malware family groups.☆70Updated last year