OSSEC Decoder & Rulesets for Sysmon Events
☆15Jul 23, 2015Updated 10 years ago
Alternatives and similar repositories for Sysmon_OSSEC
Users that are interested in Sysmon_OSSEC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Feb 20, 2024Updated 2 years ago
- Time-Machine Dynamic Bulk Packet Recorder☆36Apr 21, 2025Updated 11 months ago
- V1.0☆14Aug 8, 2016Updated 9 years ago
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- Process HTTP Pcaps With YARA☆108Jul 29, 2013Updated 12 years ago
- Suricata Extreme Performance Tuning guide☆213Mar 15, 2018Updated 8 years ago
- Volatility plugins☆12Feb 19, 2015Updated 11 years ago
- ☆11Oct 16, 2022Updated 3 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor…☆18Oct 29, 2014Updated 11 years ago
- Logging plugin to bro to send logs to a Kafka broker☆20Nov 29, 2017Updated 8 years ago
- ☆13Oct 7, 2019Updated 6 years ago
- Python interface to the CRITs API☆22Mar 10, 2017Updated 9 years ago
- Detect Phishing with Bro IDS☆18Feb 1, 2017Updated 9 years ago
- Various DFIR Tools☆27Jul 23, 2018Updated 7 years ago
- ☆29Aug 9, 2016Updated 9 years ago
- Reading List for CSIRT Team Members☆17Oct 21, 2019Updated 6 years ago
- Steve McCanne's Sharkfest '21 Talk☆16Oct 12, 2021Updated 4 years ago
- This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.☆22Jan 30, 2018Updated 8 years ago
- Setup script for Red Teams☆14Apr 7, 2025Updated 11 months ago
- Tony's collection of powershell scripts, typically geared toward cybersec☆35Jan 16, 2026Updated 2 months ago
- Bro PCAP Processing and Tagging API☆28Nov 9, 2017Updated 8 years ago
- Modified edition of cuckoo☆18Feb 14, 2018Updated 8 years ago
- VirusTotal SIEM Integration and Automation☆18Jan 16, 2017Updated 9 years ago
- Configurations to implement Wazuh☆12Nov 28, 2022Updated 3 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago
- A website and framework for testing NIDS detection☆57Aug 29, 2021Updated 4 years ago
- Maltego transforms for the ThreatCrowd search API☆47Apr 11, 2018Updated 7 years ago
- uses keywords from alert logs to send SMS☆24Nov 20, 2015Updated 10 years ago
- OSCP Scripts☆14Jan 21, 2016Updated 10 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Sep 20, 2016Updated 9 years ago
- Django middleware and signals for handling security events☆13Apr 14, 2021Updated 4 years ago
- ☆16Updated this week
- Dockerfiles for NSM tools☆84Apr 14, 2017Updated 8 years ago
- Carve NTFS USN records from binary data☆27May 21, 2017Updated 8 years ago
- Mirror network traffic from one interface to another on Windows☆25Feb 26, 2020Updated 6 years ago
- ☆25Oct 14, 2017Updated 8 years ago
- Bro scripts written by CrowdStrike Services☆150May 3, 2021Updated 4 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Feb 28, 2018Updated 8 years ago