Consolidation of various resources related to Microsoft Sysmon & sample data/log
☆124Sep 20, 2021Updated 4 years ago
Alternatives and similar repositories for SysmonResources
Users that are interested in SysmonResources are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Windows Events Attack Samples☆2,586Jan 24, 2023Updated 3 years ago
- Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆46Mar 2, 2020Updated 6 years ago
- DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆46Jul 8, 2019Updated 6 years ago
- Yara Rule Analyzer and Statistics☆396Feb 19, 2023Updated 3 years ago
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …☆826Nov 5, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Simple Bash IOC Scanner☆777Feb 12, 2022Updated 4 years ago
- An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.☆2,129May 28, 2025Updated last year
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆944Dec 12, 2023Updated 2 years ago
- Sysmon configuration file template with default high-quality event tracing☆5,567Jul 3, 2024Updated 2 years ago
- FRAC and RIFT☆17Mar 16, 2019Updated 7 years ago
- yarGen is a generator for YARA rules☆1,798Jan 10, 2026Updated 5 months ago
- Loki - Simple IOC and YARA Scanner☆3,765Jan 12, 2026Updated 5 months ago
- This repository contains tools used by 401trg.☆20Apr 14, 2021Updated 5 years ago
- A curated list of awesome YARA rules, tools, and people.☆4,238Jun 15, 2026Updated 2 weeks ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Dec 13, 2018Updated 7 years ago
- Python rewrite of passive OS fingerprinting tool☆217Dec 24, 2025Updated 6 months ago
- Random Code Store☆17Mar 27, 2023Updated 3 years ago
- ☆11Oct 28, 2016Updated 9 years ago
- Powershell script to extract information from boot PXE☆160Apr 26, 2019Updated 7 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆32Jul 30, 2020Updated 5 years ago
- Splunk Boss of the SOC version 2 dataset.☆431Nov 1, 2022Updated 3 years ago
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated last year
- The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.☆144Jun 26, 2026Updated last week
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A command line tool to search AttackerKB.☆54Jan 16, 2021Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Coding labs from the Automate Cybersecurity Tasks with Python course from Google's Cybersecurity Professional Certificate.☆11Jan 26, 2024Updated 2 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆55Jul 1, 2022Updated 4 years ago
- Training and support materials for MSTICPy☆18Jun 27, 2023Updated 3 years ago
- Utilities for Sysmon☆1,650Apr 4, 2026Updated 3 months ago
- ☆10Mar 30, 2016Updated 10 years ago
- Hunting queries and detections☆914May 7, 2026Updated last month
- Cortex: a Powerful Observable Analysis and Active Response Engine☆1,590May 20, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- SolarWindsIOCScanner☆11Jan 19, 2021Updated 5 years ago
- KQL Queries☆42Jun 23, 2026Updated last week
- TrustedSec Sysinternals Sysmon Community Guide☆1,423Updated this week
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆110Sep 26, 2017Updated 8 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Mar 23, 2020Updated 6 years ago
- Queries to parse sysmon event log file with microsoft logparser☆59Mar 31, 2015Updated 11 years ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough☆11Feb 3, 2022Updated 4 years ago