j91321 / ansible-role-sysmonLinks
Ansible role for installing Sysmon with popular config files included.
☆25Updated 2 years ago
Alternatives and similar repositories for ansible-role-sysmon
Users that are interested in ansible-role-sysmon are comparing it to the libraries listed below
Sorting:
- ☆42Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆93Updated 3 years ago
- ☆43Updated 4 years ago
- Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …☆36Updated 3 years ago
- Kerberoast Detection Script☆30Updated 9 months ago
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 3 years ago
- ESXi Cyber Security Incident Response Script☆25Updated 11 months ago
- Build a domain with three quick PowerShell scripts!☆29Updated 5 years ago
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆93Updated 4 months ago
- Powershell Event Tracing Toolbox☆76Updated 3 years ago
- Azure AD Incident Response☆26Updated 3 years ago
- Simple PowerShell script to enable process scanning with Yara.☆95Updated 2 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆29Updated 4 years ago
- Monitor your PingCastle scans to highlight the rule diff between two scans☆114Updated 11 months ago
- PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset☆22Updated 3 years ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆107Updated 7 months ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 7 months ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…☆55Updated 2 years ago
- ☆115Updated 6 years ago
- ☆47Updated 3 months ago
- A WDAC configuration repository with the sole intention of enriching MDE☆29Updated last month
- ☆23Updated 5 months ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆53Updated 2 years ago
- Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.☆33Updated last year
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Updated 2 years ago
- ☆53Updated 3 months ago