Maps process creation logged by Sysmon uses Google Org Chart API
☆23Mar 5, 2016Updated 9 years ago
Alternatives and similar repositories for SysmonMapper
Users that are interested in SysmonMapper are comparing it to the libraries listed below
Sorting:
- Splunk TA for alert action to TheHive-project☆11May 13, 2020Updated 5 years ago
- Windows Event Forwarding for Active Directory Security Logs☆29Jun 28, 2016Updated 9 years ago
- PowerShell No Agent Hunting☆111Apr 23, 2018Updated 7 years ago
- Powershell Functions to interact with TheHive-Project☆11Jun 27, 2019Updated 6 years ago
- Windows Trollware and Persistence Script☆13Sep 16, 2015Updated 10 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a qui…☆13Apr 22, 2015Updated 10 years ago
- ☆15Jan 10, 2019Updated 7 years ago
- PowerShell module with improved Active Directory cmdlets☆30Jan 24, 2017Updated 9 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- PowerShell module for creating and managing Sysinternals Sysmon config files.☆214Mar 29, 2021Updated 4 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Mar 7, 2017Updated 8 years ago
- Repository for all cbapi example scripts☆16Sep 18, 2018Updated 7 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Jul 13, 2018Updated 7 years ago
- Find permanent WMI event consumers on endpoints that could be used by APT actors.☆17Jun 15, 2016Updated 9 years ago
- SQL scripts for querying event logs☆21Jul 12, 2017Updated 8 years ago
- Various scripts to help you out. Mostly very scrappy, but functional. I realise Write-Host is not the way to do things, but I wrote som…☆27May 13, 2022Updated 3 years ago
- The plugin is an integration of Virus Battle API to the well known IDA Disassembler.☆20May 26, 2015Updated 10 years ago
- ☆82Jul 5, 2016Updated 9 years ago
- ☆16Jan 31, 2015Updated 11 years ago
- officefileinfo is a python script to help analyse the newer Microsoft Office file formats. There are numerous tools for dealing with the …☆16Apr 28, 2016Updated 9 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆45Aug 17, 2020Updated 5 years ago
- This is a python tool aiming to make using TheHive webhooks easier.☆28Oct 23, 2020Updated 5 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Dec 24, 2019Updated 6 years ago
- Reconstruct process trees from event logs☆147Aug 12, 2020Updated 5 years ago
- IDATACO IDA Pro Plugin☆46Jun 14, 2016Updated 9 years ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Windows Drivers☆100Apr 6, 2019Updated 6 years ago
- Python unbup script for McAfee .bup files (with some additional fun features). This script is fully implemented in python it's not just a…☆37Apr 24, 2018Updated 7 years ago
- Tool for check the cookie flag in multiple sites☆28Dec 30, 2015Updated 10 years ago
- Python script to patch the reflective stub in a DLL☆24Apr 9, 2017Updated 8 years ago
- Crack your macros like the math pros.☆33Feb 14, 2017Updated 9 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆33Jul 12, 2022Updated 3 years ago
- Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…☆24Jun 20, 2023Updated 2 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Feb 28, 2018Updated 8 years ago
- 2018 Computational Text Analysis Notebooks, University of Mannheim☆13Nov 22, 2018Updated 7 years ago
- B-Sides CBR 2018 talk about group policy and Grouper☆38May 3, 2019Updated 6 years ago
- The HPE Alletra 9000 and Primera and 3PAR PowerShell Toolkit supports cmdlets, which are wrappers around the native HPE Alletra 9000 or H…☆12Dec 21, 2022Updated 3 years ago
- This tool reads the output of “showrev -p” on Solaris machines and outputs a list of exploits that you might want to try. It currently f…☆30May 29, 2015Updated 10 years ago