Deploy and maintain Symon through the Splunk Deployment Sever
☆32Jul 30, 2020Updated 5 years ago
Alternatives and similar repositories for TA-Sysmon-deploy
Users that are interested in TA-Sysmon-deploy are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Mar 7, 2017Updated 9 years ago
- DNS Dashboard for hunting and identifying beaconing☆17Jul 29, 2020Updated 5 years ago
- ☆14Feb 8, 2020Updated 6 years ago
- Technical add-on to ingest json formatted volatility memory analysis plugin outputs☆13May 21, 2018Updated 8 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Sysmon Splunk App☆47Aug 21, 2018Updated 7 years ago
- Detecting DNS Spoofing, DNS Tunneling, DNS Exfiltration☆36Sep 28, 2015Updated 10 years ago
- A simple DNS exfiltration script☆11Apr 17, 2023Updated 3 years ago
- Splunk app for Threat hunting☆15Nov 15, 2018Updated 7 years ago
- A flexible, easy to use, automation framework allowing users to integrate their capabilities and devices to cut through the repetitive, t…☆12Nov 23, 2022Updated 3 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆294Jan 15, 2024Updated 2 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆55Jan 24, 2018Updated 8 years ago
- ☆13Feb 6, 2018Updated 8 years ago
- Audit Powershell and search from known keywords in history #Blueteam☆25Apr 22, 2020Updated 6 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Matt's DFIR blog☆14Jun 23, 2026Updated 2 weeks ago
- Local Maltego Transforms for crt.sh☆12Sep 8, 2017Updated 8 years ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Jul 13, 2020Updated 5 years ago
- PowerShell Script for Agentless Incident Response☆25Apr 5, 2018Updated 8 years ago
- A repository of sysmon configuration modules☆3,074Jun 25, 2026Updated last week
- A Splunk app with saved reports derived from Sigma rules☆73Apr 24, 2018Updated 8 years ago
- ☆13Nov 24, 2019Updated 6 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆944Dec 12, 2023Updated 2 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Dec 26, 2018Updated 7 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Ansible playbooks for configuring and managing Splunk Cloud deployments with the Admin Config Service (ACS) API☆29Apr 22, 2026Updated 2 months ago
- Fake SMB and SAMR data☆11Oct 27, 2019Updated 6 years ago
- Automated Use Case Testing☆172May 1, 2018Updated 8 years ago
- This is a Shell Script to setup NTLM hash sniffing using the Raspberry Pi Zero. This tool can be used during Red Team assessments by atta…☆23Jun 7, 2017Updated 9 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Sep 27, 2022Updated 3 years ago
- ☆17Jun 8, 2018Updated 8 years ago
- Guidance on deploying Splunk Enterprise on Azure with automated reference implementation☆31Mar 13, 2023Updated 3 years ago
- A free incident response management and documentation workbook☆25Nov 13, 2018Updated 7 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Python bindings for Yeti's API☆20Sep 12, 2023Updated 2 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆170Dec 10, 2018Updated 7 years ago
- This is a framework written in EnScript to utilize the network capabilities of EnCase. The purpose is to allow for someone to build a qui…☆13Apr 22, 2015Updated 11 years ago
- ☆53Mar 4, 2019Updated 7 years ago
- Python API for the LimaCharlie.io service.☆23Jun 22, 2026Updated 2 weeks ago
- Repository for my ATT&CK analysis research.☆70May 16, 2019Updated 7 years ago
- A tool to convert MISP XML files (events and attributes) into graphs☆20May 13, 2017Updated 9 years ago