☆43Apr 18, 2023Updated 2 years ago
Alternatives and similar repositories for security_monitoring
Users that are interested in security_monitoring are comparing it to the libraries listed below
Sorting:
- ☆22Mar 4, 2025Updated last year
- PlasmaPup is designed to help central and departmental IT personnel understand their exposures in Active Directory by showing which accou…☆29Apr 10, 2024Updated last year
- ☆52Feb 8, 2024Updated 2 years ago
- Automated CIS Benchmark Compliance Audit for Debian 12 with Ansible & GOSS☆25Nov 17, 2025Updated 4 months ago
- ☆14Feb 10, 2021Updated 5 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆30Mar 2, 2021Updated 5 years ago
- Documentation and scripts to properly enable Windows event logs.☆673Oct 3, 2025Updated 5 months ago
- DNS Dashboard for hunting and identifying beaconing☆16Jul 29, 2020Updated 5 years ago
- Collection of scripts and tools that I created to aid in my testing.☆14Mar 2, 2022Updated 4 years ago
- A PowerShell Logging Module that uses Classes to log to the console, log file, or the event viewer☆13Sep 13, 2018Updated 7 years ago
- A collection of some Powershell scripts and functions for building lab-environments☆19Feb 25, 2023Updated 3 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- python humio adapter☆28Jun 5, 2024Updated last year
- ☆19Apr 13, 2022Updated 3 years ago
- Random tips and tricks RE: ransomware☆14Aug 17, 2021Updated 4 years ago
- ☆71Jun 20, 2023Updated 2 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆118Nov 28, 2023Updated 2 years ago
- A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…☆20Aug 29, 2022Updated 3 years ago
- Collection of Event ID ressources useful for Digital Forensics and Incident Response☆644Jun 19, 2024Updated last year
- Microsoft Azure scripts☆14Dec 29, 2024Updated last year
- PowerShell Module for parsing logs generated by Sysinternals Sysmon for Linux☆37Mar 20, 2022Updated 4 years ago
- Sysmon configuration file template with default high-quality event tracing☆577Jan 21, 2026Updated 2 months ago
- Microsoft 365 Defender Hunting via PowerShell.☆14Feb 8, 2022Updated 4 years ago
- Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.☆36Feb 13, 2024Updated 2 years ago
- Notes from my "Implementing a Kick-Butt Training Program: Blue Team GO!" talk☆14Mar 4, 2019Updated 7 years ago
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention.☆293Aug 26, 2021Updated 4 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 6 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- Default Detections for EDR☆97Feb 20, 2024Updated 2 years ago
- Knowing which rule should trigger according to the redcannary test☆11Nov 23, 2024Updated last year
- Get insights into the actual strength and quality of passwords in Active Directory.☆153Jul 11, 2024Updated last year
- ☆78Updated this week
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆151Mar 1, 2026Updated 3 weeks ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆54Jul 13, 2023Updated 2 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆37Mar 15, 2023Updated 3 years ago
- ☆84Mar 1, 2024Updated 2 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- ☆32Aug 16, 2025Updated 7 months ago
- Some resources to facilitate my blog on auditd for security monitoring☆13Mar 23, 2023Updated 2 years ago