Maps process creation logged by Sysmon uses Google Org Chart API
☆23Mar 5, 2016Updated 10 years ago
Alternatives and similar repositories for SysmonMapper
Users that are interested in SysmonMapper are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Windows Event Forwarding for Active Directory Security Logs☆29Jun 28, 2016Updated 9 years ago
- Some IR notes☆17Jul 2, 2016Updated 9 years ago
- Script for auditing whitelist and finding fronted domains and loosely typed regular expressions.☆13Dec 25, 2017Updated 8 years ago
- Splunk TA for alert action to TheHive-project☆11May 13, 2020Updated 5 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- PowerShell module with improved Active Directory cmdlets☆30Jan 24, 2017Updated 9 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a qui…☆13Apr 22, 2015Updated 10 years ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 11 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Dec 24, 2019Updated 6 years ago
- Windows Drivers☆100Apr 6, 2019Updated 7 years ago
- PowerShell module for creating and managing Sysinternals Sysmon config files.☆215Mar 29, 2021Updated 5 years ago
- Find permanent WMI event consumers on endpoints that could be used by APT actors.☆17Jun 15, 2016Updated 9 years ago
- Various scripts to help you out. Mostly very scrappy, but functional. I realise Write-Host is not the way to do things, but I wrote som…☆27May 13, 2022Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Splunk App to assist Sysmon Threat Hunting☆38Mar 7, 2017Updated 9 years ago
- Windows Trollware and Persistence Script☆13Sep 16, 2015Updated 10 years ago
- Finds dynamic DNS (like no-ip.org) domains from a given list of domains☆14Sep 17, 2015Updated 10 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆33Jul 12, 2022Updated 3 years ago
- B-Sides CBR 2018 talk about group policy and Grouper☆38May 3, 2019Updated 6 years ago
- SQL scripts for querying event logs☆21Jul 12, 2017Updated 8 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Jul 13, 2018Updated 7 years ago
- Why hunt when you can seine?☆21May 12, 2015Updated 10 years ago
- Powershell Functions to interact with TheHive-Project☆11Jun 27, 2019Updated 6 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…☆14Mar 25, 2015Updated 11 years ago
- Script to enabled DNS Debug Logging across Domain Controllers in a Forest and then retrieve for analysis☆14May 27, 2016Updated 9 years ago
- Repository for all cbapi example scripts☆16Sep 18, 2018Updated 7 years ago
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …☆825Nov 5, 2023Updated 2 years ago
- IDATACO IDA Pro Plugin☆46Jun 14, 2016Updated 9 years ago
- Reconstruct process trees from event logs☆148Aug 12, 2020Updated 5 years ago
- Parses for Google Analytic values in raw files like RAM, DD images etc.☆18Apr 17, 2016Updated 9 years ago
- Indexed search and clustering tool for digital forensics☆26Nov 5, 2014Updated 11 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Cypherpunks Hall of Fame☆23Nov 10, 2025Updated 5 months ago
- This is a python script that can be run on each Splunk Indexer for the purpose of exporting historical bucket data (raw events + metadata…☆12Jan 31, 2024Updated 2 years ago
- ☆20May 30, 2025Updated 10 months ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆14Sep 13, 2016Updated 9 years ago
- Various tools and scripts☆43Nov 30, 2022Updated 3 years ago
- A collection of Splunk dashboard templates.☆15Apr 18, 2019Updated 6 years ago
- Some simple and useful tools☆15May 8, 2018Updated 7 years ago