The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis.
☆10Sep 28, 2020Updated 5 years ago
Alternatives and similar repositories for sysmon2splunk
Users that are interested in sysmon2splunk are comparing it to the libraries listed below
Sorting:
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database☆14Nov 19, 2021Updated 4 years ago
- SysScout is a fully encapsulated script that quickly and easily pulls local machine information from Linux-Based systems. A simple, easy…☆13Oct 20, 2017Updated 8 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- ☆12Jun 3, 2022Updated 3 years ago
- Registry Miner☆14Apr 10, 2018Updated 7 years ago
- Registry Explorer bookmark definitions☆44Dec 19, 2024Updated last year
- geolocate ip addresses in IIS logs☆20Jan 8, 2025Updated last year
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Crack base64(sha256(username)) hash from Microsoft Event ID 1029☆23Aug 4, 2023Updated 2 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Oct 26, 2019Updated 6 years ago
- Discover USB device history for a specific user☆23Dec 28, 2015Updated 10 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data.☆25Mar 25, 2021Updated 4 years ago
- Proof-of-Concept exploits for CVE-2017-11882☆41Jan 2, 2018Updated 8 years ago
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- onigiri - remote malware triage script☆24Nov 5, 2015Updated 10 years ago
- A Backup for BMC Viewer☆33Nov 4, 2017Updated 8 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Apr 24, 2018Updated 7 years ago
- A fork of The Sleuthkit with Pooled Storage and APFS support. See https://www.youtube.com/watch?v=k1XPillJ7aw for more info and usage.☆26Oct 27, 2019Updated 6 years ago
- Tool to parse SRU database☆25Mar 1, 2018Updated 7 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Development guide for Volatility Plugins☆22Sep 6, 2017Updated 8 years ago
- ☆23May 7, 2021Updated 4 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- My Year of Python Repository☆28Jun 13, 2020Updated 5 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- The Shodan monitoring tools allows you to monitor shodan listed servers basis on the filter you provided☆33Jun 14, 2021Updated 4 years ago
- Privescker - make life easier by dumping all your common Windows enum, privesc and post exploitation scripts and tools on to the box in o…☆45Apr 4, 2022Updated 3 years ago
- Raspberry Pi powered Digital Clock for Amateur Radio using TM1637 4 digit displays☆11Mar 20, 2021Updated 4 years ago
- Windows 10 Exploit☆30Oct 29, 2018Updated 7 years ago
- Library of python scripts to apply Data Science in several forensics artifacts☆31Jul 16, 2020Updated 5 years ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems☆78Jan 9, 2024Updated 2 years ago
- Threathunt details for the Solarwinds compromise☆33Jun 26, 2021Updated 4 years ago
- runsc loads 32/64 bit shellcode (depending on how runsc is compiled) in a way that makes it easy to load in a debugger. This code is base…☆38Dec 12, 2022Updated 3 years ago
- It is based on bulk_extractor (https://github.com/simsong/bulk_extractor) and add scanners for record carving☆42Apr 23, 2020Updated 5 years ago
- hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…☆40Aug 17, 2019Updated 6 years ago
- ☆12Dec 14, 2016Updated 9 years ago
- BruteProxy.py framework for brute-forcing via HTTP/HTTPS requests with looping proxies.☆12Jan 12, 2026Updated last month
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- A clone of FD (File & Directory tool) by T.Shirai☆16Jan 29, 2014Updated 12 years ago