jymcheong/SysmonResources external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

jymcheong/SysmonResources

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jymcheong/SysmonResources)

Close

jymcheong / SysmonResourcesView on GitHubMore

• External links
• Readme badge

Consolidation of various resources related to Microsoft Sysmon & sample data/log

☆124Sep 20, 2021Updated 4 years ago

Alternatives and similar repositories for SysmonResources

Users that are interested in SysmonResources are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,571Jan 24, 2023Updated 3 years ago
• TheHive-Project / Zerofox2TH

  View on GitHub
  Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
  ☆46Mar 2, 2020Updated 6 years ago
• Neo23x0 / yarAnalyzer

  View on GitHub
  Yara Rule Analyzer and Statistics
  ☆394Feb 19, 2023Updated 3 years ago
• ion-storm / sysmon-config

  View on GitHub
  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …
  ☆826Nov 5, 2023Updated 2 years ago
• Neo23x0 / Fenrir

  View on GitHub
  Simple Bash IOC Scanner
  ☆776Feb 12, 2022Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• center-for-threat-informed-defense / adversary_emulation_library

  View on GitHub
  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
  ☆2,124May 28, 2025Updated last year
• DarkStar7471 / darkstar7471.github.io

  View on GitHub
  Personal website, darkstar7471.com
  ☆11Dec 16, 2021Updated 4 years ago
• MHaggis / sysmon-dfir

  View on GitHub
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆942Dec 12, 2023Updated 2 years ago
• SwiftOnSecurity / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆5,544Jul 3, 2024Updated last year
• chaoticmachinery / frac_rift

  View on GitHub
  FRAC and RIFT
  ☆17Mar 16, 2019Updated 7 years ago
• Neo23x0 / yarGen

  View on GitHub
  yarGen is a generator for YARA rules
  ☆1,795Jan 10, 2026Updated 5 months ago
• Neo23x0 / Loki

  View on GitHub
  Loki - Simple IOC and YARA Scanner
  ☆3,760Jan 12, 2026Updated 5 months ago
• 401trg / utilities

  View on GitHub
  This repository contains tools used by 401trg.
  ☆20Apr 14, 2021Updated 5 years ago
• InQuest / awesome-yara

  View on GitHub
  A curated list of awesome YARA rules, tools, and people.
  ☆4,220May 26, 2026Updated 2 weeks ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• MattUebel / splunk_UF_hardening

  View on GitHub
  scripts to configure the Splunk Universal Forwarder in a locked down state
  ☆40Dec 13, 2018Updated 7 years ago
• abhisek / RandomCode

  View on GitHub
  Random Code Store
  ☆17Mar 27, 2023Updated 3 years ago
• P3t3rp4rk3r / Malware-Analysis

  View on GitHub
  ☆11Oct 28, 2016Updated 9 years ago
• wavestone-cdt / powerpxe

  View on GitHub
  Powershell script to extract information from boot PXE
  ☆160Apr 26, 2019Updated 7 years ago
• olafhartong / TA-Sysmon-deploy

  View on GitHub
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆32Jul 30, 2020Updated 5 years ago
• splunk / botsv2

  View on GitHub
  Splunk Boss of the SOC version 2 dataset.
  ☆429Nov 1, 2022Updated 3 years ago
• olafhartong / WDACme

  View on GitHub
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆30Jun 18, 2025Updated 11 months ago
• zeek / packages

  View on GitHub
  The default package source of the Zeek Package Manager. Wrote a package? See the README for how to get it included.
  ☆143May 26, 2026Updated 2 weeks ago
• horshark / akb-explorer

  View on GitHub
  A command line tool to search AttackerKB.
  ☆54Jan 16, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• JPCERTCC / SysmonSearch

  View on GitHub
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆431Dec 22, 2023Updated 2 years ago
• jackattackks / Automate-Cybersecurity-Tasks-With-Python

  View on GitHub
  Coding labs from the Automate Cybersecurity Tasks with Python course from Google's Cybersecurity Professional Certificate.
  ☆11Jan 26, 2024Updated 2 years ago
• HASecuritySolutions / LogCampaign

  View on GitHub
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆55Jul 1, 2022Updated 3 years ago
• microsoft / msticpy-training

  View on GitHub
  Training and support materials for MSTICPy
  ☆18Jun 27, 2023Updated 2 years ago
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,647Apr 4, 2026Updated 2 months ago
• boundary / wireshark

  View on GitHub
  wireshark + boundary IPFIX decode patches
  ☆338Jun 8, 2018Updated 8 years ago
• brock7 / winpooch

  View on GitHub
  ☆10Mar 30, 2016Updated 10 years ago
• FalconForceTeam / FalconFriday

  View on GitHub
  Hunting queries and detections
  ☆916May 7, 2026Updated last month
• TheHive-Project / Cortex

  View on GitHub
  Cortex: a Powerful Observable Analysis and Active Response Engine
  ☆1,586May 20, 2026Updated 3 weeks ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• JoeAWagner / SolarWindsIOCScanner

  View on GitHub
  SolarWindsIOCScanner
  ☆11Jan 19, 2021Updated 5 years ago
• trustedsec / SysmonCommunityGuide

  View on GitHub
  TrustedSec Sysinternals Sysmon Community Guide
  ☆1,418Feb 10, 2026Updated 4 months ago
• eddiechu-zz / Encrypt-Delete-Test

  View on GitHub
  Really can protect from ransomware encryption?
  ☆15Nov 25, 2021Updated 4 years ago
• SadProcessor / EmpireDog

  View on GitHub
  A collection of PowerShell Modules for BloodHound/Empire Orchestration
  ☆110Sep 26, 2017Updated 8 years ago
• agreenjay / sysmon

  View on GitHub
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Mar 23, 2020Updated 6 years ago
• JamesHabben / sysmon-queries

  View on GitHub
  Queries to parse sysmon event log file with microsoft logparser
  ☆59Mar 31, 2015Updated 11 years ago
• NoelV11 / DFIR-Training

  View on GitHub
  Digital Forensics and Incident Response notes and Autopsy tool walkthrough
  ☆11Feb 3, 2022Updated 4 years ago