This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
☆22Jan 30, 2018Updated 8 years ago
Alternatives and similar repositories for WinLogsZero2Hero
Users that are interested in WinLogsZero2Hero are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆12Sep 4, 2013Updated 12 years ago
- Custom scripts released for BSidesDC 2016☆14Oct 19, 2016Updated 9 years ago
- PowerShell script to find 'vulnerable' security-related GPOs that should be hardended☆198Jun 1, 2018Updated 7 years ago
- Automated, Collection, and Enrichment Platform☆324Nov 14, 2019Updated 6 years ago
- Dashboards and loader for ROCK NSM dashboards☆49Mar 13, 2023Updated 3 years ago
- Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI☆201Dec 11, 2017Updated 8 years ago
- Currently not updated for WMIEvent module...☆262Feb 23, 2016Updated 10 years ago
- OSSEC Decoder & Rulesets for Sysmon Events☆15Jul 23, 2015Updated 10 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆938Dec 12, 2023Updated 2 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later☆20Feb 23, 2016Updated 10 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Jan 30, 2018Updated 8 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- ☆11Oct 16, 2022Updated 3 years ago
- Enables Zeek to communicate with Tenzir☆11Jul 20, 2023Updated 2 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Oct 31, 2018Updated 7 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Feb 20, 2024Updated 2 years ago
- malware-traffic-analysis.net PCAPs repository.☆37Jun 9, 2016Updated 9 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop☆26Dec 20, 2019Updated 6 years ago
- Offensive Data Storage☆61Sep 1, 2016Updated 9 years ago
- Live events map as a Kibana plugin☆11Aug 10, 2017Updated 8 years ago
- Security related useful Powershell scripts☆19Sep 13, 2019Updated 6 years ago
- A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.☆252Jul 19, 2021Updated 4 years ago
- ☆16Jun 1, 2018Updated 7 years ago
- Primary data pipelines for intrusion detection, security analytics and threat hunting☆85Jan 9, 2022Updated 4 years ago
- PowerAvails is a unit of collection of Powershell modules that help you get done many things☆118May 31, 2019Updated 6 years ago
- Security Onion Splunk App☆10May 18, 2015Updated 10 years ago
- ☆166Feb 13, 2020Updated 6 years ago
- Import Bro logs from SecurityOnion into Logstash☆15Nov 10, 2015Updated 10 years ago
- ☆26Sep 2, 2016Updated 9 years ago
- A repository for using windows event forwarding for incident detection and response☆1,302Sep 8, 2025Updated 6 months ago
- Bro Intel Feed Linter☆26Aug 30, 2019Updated 6 years ago
- A simple reflective dll example☆19Jan 8, 2017Updated 9 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆83Mar 20, 2023Updated 3 years ago
- Searches For Threat Hunting and Security Analytics☆238Mar 26, 2025Updated 11 months ago
- Bro/Zeek integration with osquery☆93Nov 2, 2020Updated 5 years ago
- Next major release of sniffMyPackets - Now with added packet loving☆12Mar 19, 2015Updated 11 years ago
- An environment for comprehensive, automated analysis of web-based exploits, based on Cuckoo sandbox.☆124Aug 10, 2015Updated 10 years ago