bobby-tablez / Enable-All-The-Logs
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, or for malware analysis. It can be used in production, though you may want to tune the GPO edits as needed.
☆22, updated 2 months ago
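The page does not show what the script actually changes, so the following is an added example, not the Enable-All-The-Logs script or any of its GPO edits: a PowerShell script that turns up the telemetry a detection engineer typically wants on a Windows endpoint (command lines in 4688 process-creation events, PowerShell script block and module logging, a set of advanced audit subcategories, larger event logs) and then verifies the result. The choice of settings, the audit subcategories and the log sizes are assumptions about what "all the logs" means; the registry paths and tool invocations are the standard Windows ones.

```powershell
#Requires -RunAsAdministrator
# Added example, not the project's code. The settings below are one reasonable
# interpretation of "enable all the logs"; which ones the project applies is an
# assumption. Registry policies are the same keys a GPO would write; on a
# domain-joined host a GPO refresh overwrites local edits to these keys.

$Policies = @(
    # 4688 process-creation events carry the full command line
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit'
       Name = 'ProcessCreationIncludeCmdLine_Enabled'; Value = 1 },
    # PowerShell script block logging (event 4104, Microsoft-Windows-PowerShell/Operational)
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
       Name = 'EnableScriptBlockLogging'; Value = 1 },
    # PowerShell module logging (event 4103) for every module
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging'
       Name = 'EnableModuleLogging'; Value = 1 },
    @{ Path = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging\ModuleNames'
       Name = '*'; Value = '*' }
)

# Advanced audit policy subcategories to audit for both success and failure (assumed set).
$AuditSubcategories = @(
    'Process Creation', 'Process Termination',
    'Logon', 'Logoff', 'Special Logon',
    'User Account Management', 'Security Group Management',
    'Audit Policy Change', 'Sensitive Privilege Use'
)

function Set-TelemetryPolicy {
    foreach ($p in $Policies) {
        if (-not (Test-Path $p.Path)) { New-Item -Path $p.Path -Force | Out-Null }
        $type = if ($p.Value -is [int]) { 'DWord' } else { 'String' }
        New-ItemProperty -Path $p.Path -Name $p.Name -Value $p.Value -PropertyType $type -Force | Out-Null
    }
    foreach ($sub in $AuditSubcategories) {
        # auditpol sets the effective local policy; "Advanced Audit Policy
        # Configuration" in a GPO takes precedence on the next refresh.
        auditpol.exe /set /subcategory:"$sub" /success:enable /failure:enable | Out-Null
    }
    # More events need more room (sizes assumed: 1 GiB Security, 256 MiB PowerShell).
    wevtutil.exe sl Security /ms:1073741824
    wevtutil.exe sl Microsoft-Windows-PowerShell/Operational /ms:268435456
}

function Test-TelemetryPolicy {
    # One row per check, so the result can be reviewed or shipped to a SIEM.
    $results = @(foreach ($p in $Policies) {
        $actual = (Get-ItemProperty -Path $p.Path -Name $p.Name -ErrorAction SilentlyContinue).($p.Name)
        [pscustomobject]@{ Check = "$($p.Path)\$($p.Name)"; Expected = $p.Value; Actual = $actual; Ok = ($actual -eq $p.Value) }
    })
    $results += @(foreach ($sub in $AuditSubcategories) {
        # /r gives CSV; drop the blank lines auditpol prints around it.
        $row = auditpol.exe /get /subcategory:"$sub" /r | Where-Object { $_ -match ',' } | ConvertFrom-Csv
        $setting = $row.'Inclusion Setting'
        [pscustomobject]@{ Check = "auditpol:$sub"; Expected = 'Success and Failure'; Actual = $setting; Ok = ($setting -eq 'Success and Failure') }
    })
    $results
}

Set-TelemetryPolicy
Test-TelemetryPolicy | Format-Table -AutoSize
```

Two caveats before running this on a fleet. First, the page's own advice to tune the GPO edits applies to this example as well: command-line logging and 4104 script block events are high-volume, and on busy servers they can roll a Security log that is too small within hours, so check the log sizes against your collection pipeline. Second, on domain-joined hosts apply the same settings through a GPO rather than locally; otherwise a policy refresh can silently undo them, which is exactly what the Test-TelemetryPolicy output is there to catch.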
Related projects
Alternatives and complementary repositories for Enable-All-The-Logs
- Triaging Windows event logs based on SANS Poster (☆37, updated last year)
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… (☆49, updated 6 months ago)
- The Atomic Playbook contains TTPs from the MITRE ATT&CK framework mapped to the tests in the Atomic Red Team. It serves as a single resou… (☆31, updated 10 months ago)
- Bloodhound Portable for Windows (☆51, updated last year)
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. (☆25, updated 2 years ago)
- ESXi Cyber Security Incident Response Script (☆20, updated 2 months ago)
- VTC - Velociraptor Timeline Creator (☆15, updated 6 months ago)
- Detection rule validation (☆41, updated last year)
- Simple PowerShell script to enable process scanning with Yara. (☆90, updated 2 years ago)
- MS Graph Commands and Tools for Blue Teamers (☆48, updated last year)
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. (☆31, updated 3 weeks ago)
- Ransomware Simulator for testing Blue Team Detections (☆35, updated 2 years ago)
- Baseline a Windows System against LOLBAS (☆25, updated 6 months ago)
- Placeholder for my detection repo and misc detection engineering content (☆43, updated last year)
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources. (☆34, updated 2 years ago)
- Evtx Log (xml) Browser (☆55, updated last year)
- An experimental Velociraptor implementation using cloud infrastructure (☆21, updated last week)
- create a "simulated internet" cyber range environment (☆13, updated last month)
- Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems. (☆15, updated last year)
- This repository gives the best possible strategies for hunting ransomware (☆24, updated 2 years ago)
- A proof-of-concept re-assembler for reverse VNC traffic. (☆25, updated last year)
- CIS Benchmark testing of Windows SIEM configuration (☆43, updated last year)
- Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios. (☆18, updated last year)
- A quick reference guide for python script development in DFIR (☆16, updated 8 months ago)
- Simulation of Akira Ransomware with Invoke-AtomicTest (☆12, updated 4 months ago)
- Send High & New Incidents to The Hive incident management Platform (☆17, updated 3 years ago)
- Command-line tool to search for malware samples in various repositories (☆10, updated 2 years ago)
- passat - password auditing tool. Does statistical analyses on large sets of cracked passwords. (☆24, updated 2 years ago)
- Hundred Days of Yara Challenge (☆12, updated 2 years ago)
- urlyzer is a URL parsing analysis tool. (☆21, updated 3 months ago)