olafhartong / TA-Sysmon-deploy
Deploy and maintain Sysmon through the Splunk Deployment Server
☆32 · Jul 30, 2020 · Updated 5 years ago
Alternatives and similar repositories for TA-Sysmon-deploy
Users that are interested in TA-Sysmon-deploy are comparing it to the libraries listed below
- Splunk App to assist Sysmon Threat Hunting ☆38 · Mar 7, 2017 · Updated 8 years ago
- This is a Shell Script to setup NTLM hash sniffing using the Raspberry Pi Zero. This tool can be used during Red Team assessments by atta… ☆23 · Jun 7, 2017 · Updated 8 years ago
- Sysmon Tools for PowerShell ☆232 · Aug 17, 2018 · Updated 7 years ago
- ☆14 · Feb 8, 2020 · Updated 6 years ago
- ☆10 · Nov 21, 2023 · Updated 2 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers. ☆289 · Jan 15, 2024 · Updated 2 years ago
- A free incident response management and documentation workbook ☆25 · Nov 13, 2018 · Updated 7 years ago
- Powershell Functions to interact with TheHive-Project ☆11 · Jun 27, 2019 · Updated 6 years ago
- Fake SMB and SAMR data ☆11 · Oct 27, 2019 · Updated 6 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs ☆13 · May 21, 2018 · Updated 7 years ago
- Sysmon Splunk App ☆47 · Aug 21, 2018 · Updated 7 years ago
- ☆13 · Feb 6, 2018 · Updated 8 years ago
- Can execute commands under certain conditions ☆11 · Feb 21, 2020 · Updated 5 years ago
- DNS Dashboard for hunting and identifying beaconing ☆16 · Jul 29, 2020 · Updated 5 years ago
- Matt's DFIR blog ☆14 · Jul 28, 2025 · Updated 6 months ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox. ☆12 · Jul 13, 2017 · Updated 8 years ago
- Detect possible sysmon logging bypasses given a specific configuration ☆111 · Dec 26, 2018 · Updated 7 years ago
- Investigate suspicious activity by visualizing Sysmon's event log ☆431 · Dec 22, 2023 · Updated 2 years ago
- This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a qui… ☆13 · Apr 22, 2015 · Updated 10 years ago
- Library and tools to access the Windows SuperFetch database format ☆13 · Nov 29, 2025 · Updated 2 months ago
- A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, t… ☆12 · Nov 23, 2022 · Updated 3 years ago
- ☆53 · Mar 4, 2019 · Updated 6 years ago
- Clean public password dump files and store in ELK ☆37 · Jan 24, 2018 · Updated 8 years ago
- Indices for courses in SANS' Network Security Operations curriculum ☆17 · Feb 5, 2016 · Updated 10 years ago
- Checks observables/ioc in TheHive/Cortex against the MISP warninglists ☆14 · Dec 27, 2017 · Updated 8 years ago
- This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup… ☆15 · Sep 5, 2020 · Updated 5 years ago
- MSFVenom Powershell Stager Encoder & Generator ☆16 · Apr 3, 2021 · Updated 4 years ago
- Personal repository with handy cheatsheets. ☆16 · Oct 23, 2016 · Updated 9 years ago
- ☆13 · Nov 24, 2019 · Updated 6 years ago
- Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports. ☆24 · Jan 15, 2026 · Updated 3 weeks ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. ☆937 · Dec 12, 2023 · Updated 2 years ago
- Common Sense Security Framework ☆15 · Apr 26, 2018 · Updated 7 years ago
- A Splunk app with saved reports derived from Sigma rules ☆73 · Apr 24, 2018 · Updated 7 years ago
- Registry timestamp manipulation ☆17 · Feb 26, 2014 · Updated 11 years ago
- ☆18 · Jun 8, 2018 · Updated 7 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner ☆24 · Mar 27, 2017 · Updated 8 years ago
- Docker container for MISP ☆96 · Jun 20, 2018 · Updated 7 years ago
- Splunk app for Threat hunting ☆15 · Nov 15, 2018 · Updated 7 years ago
- OS X Strata builds upon Yelp's OSXCollector, providing a user interface to analyze data collected from a potentially compromised system. ☆14 · Jul 3, 2019 · Updated 6 years ago