Update-Sysmon: This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers. (☆83, Mar 20, 2023, updated 2 years ago)
Alternatives and similar repositories for Update-Sysmon
Users that are interested in Update-Sysmon are comparing it to the libraries listed below
- Pushes Sysmon Configs (☆90, Jun 11, 2021, updated 4 years ago)
- An Inofficial Sysmon Version History (Change Log) (☆33, Oct 25, 2020, updated 5 years ago)
- WEFTools (☆14, Apr 30, 2020, updated 5 years ago)
- PowerShell module for creating and managing Sysinternals Sysmon config files. (☆214, Mar 29, 2021, updated 4 years ago)
- OSSEM Modular (☆27, Jun 29, 2020, updated 5 years ago)
- Investigate suspicious activity by visualizing Sysmon's event log (☆431, Dec 22, 2023, updated 2 years ago)
- incident response scripts (☆18, Mar 4, 2019, updated 6 years ago)
- Public Repo for Atomic Test Harness (☆282, Apr 8, 2025, updated 10 months ago)
- Script to parse Process Monitor XML log file, and give you a summary report. (☆23, May 4, 2016, updated 9 years ago)
- An experimental Velociraptor implementation using cloud infrastructure (☆26, Dec 2, 2025, updated 2 months ago)
- PowerShell / C# based cross-platform forensic framework for live incident response (☆23, Jul 5, 2020, updated 5 years ago)
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. (☆22, Jan 30, 2018, updated 8 years ago)
- Test Blue Team detections without running any attack. (☆271, May 2, 2024, updated last year)
- The repo for the ViruSafe Backend project. (☆11, Jan 21, 2022, updated 4 years ago)
- Bro/Zeek integration with osquery (☆93, Nov 2, 2020, updated 5 years ago)
- HoneyDB Python Module (☆14, Feb 6, 2024, updated 2 years ago)
- (no description) (☆10, Jan 22, 2025, updated last year)
- Various components we use in labs (☆10, Oct 30, 2020, updated 5 years ago)
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into … (☆821, Nov 5, 2023, updated 2 years ago)
- (no description) (☆26, Apr 5, 2020, updated 5 years ago)
- Synapse Rapid Power-up for SinkDB (☆11, Jun 24, 2025, updated 8 months ago)
- (no description) (☆50, Aug 30, 2020, updated 5 years ago)
- A framework that correlates Bro events (☆18, Oct 25, 2013, updated 12 years ago)
- Linux and Windows Hardening Points (☆12, Mar 6, 2018, updated 7 years ago)
- Open source HIDS tailored for Microsoft Windows and Active Directory (☆29, Feb 13, 2026, updated 2 weeks ago)
- .NET tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems (☆36, Dec 9, 2019, updated 6 years ago)
- SIEGMA - Transform Sigma rules into SIEM consumables (☆159, Mar 10, 2025, updated 11 months ago)
- Primary data pipelines for intrusion detection, security analytics and threat hunting (☆85, Jan 9, 2022, updated 4 years ago)
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers. (☆168, Dec 10, 2018, updated 7 years ago)
- Accompanying PowerShell Modules for DevSec Defense Presentation (☆30, Apr 15, 2018, updated 7 years ago)
- A repository that maps API calls to Sysmon Event IDs. (☆121, Nov 14, 2022, updated 3 years ago)
- An extendable tool to extract and aggregate IoCs from threat feeds (☆33, Feb 6, 2024, updated 2 years ago)
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit. (☆13, Sep 9, 2020, updated 5 years ago)
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows. (☆14, Aug 22, 2020, updated 5 years ago)
- Historical Observations of Actionable Reputation Data (☆13, Jun 26, 2018, updated 7 years ago)
- Elasticsearch/Kibana environment and log data for Sigma workshop (☆26, Dec 20, 2019, updated 6 years ago)
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK (☆1,078, Nov 28, 2024, updated last year)
- Defence Against the Dark Arts (☆34, Sep 15, 2019, updated 6 years ago)
- (no description) (☆13, Dec 12, 2021, updated 4 years ago)