olafhartong / sysmon-parser

Related projects ⓘ

Alternatives and complementary repositories for sysmon-parser

• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year
• yasser-alghamdi / winterfell-hunt
  Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…
  ☆14Updated 4 years ago
• ReconInfoSec / adversary-emulation-map
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆16Updated 3 years ago
• Securityinbits / cheatsheet
  These are some of the commands which I use frequently during Malware Analysis and DFIR.
  ☆25Updated 10 months ago
• automate-tim / conference-materials
  Speaking materials from conferences I've given
  ☆9Updated 2 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 4 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• SadProcessor / EzETW
  Cmdlets for capturing Windows Events
  ☆13Updated 2 years ago
• Ben0xA / PowerShellScripts
  Random PowerShell Scripts
  ☆16Updated 3 years ago
• kacos2000 / Win10LiveInfo
  Windows 10 Live Information viewer
  ☆33Updated 2 years ago
• HarmJ0y / Invoke-ADDefense
  Defensive-oriented Active Directory enumeration
  ☆23Updated 8 years ago
• eshlomo1 / Azure-AD-Incident-Response
  Azure AD Incident Response
  ☆24Updated 3 years ago
• gajos112 / SRUM-Timeliner
  ☆10Updated last year
• k3idii / ION
  Indicators of Normality
  ☆12Updated 2 years ago
• acochenour / PSInspect
  PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later
  ☆20Updated 8 years ago
• gpoguy / setpol
  Lets you write arbitrary registry entries to Group Policy related .pol files (e.g. registry.pol)
  ☆11Updated 5 years ago
• ohjeongwook / WindowsEventTools
  Collection Of Scripts And Utilities For Windows Event Hunting
  ☆16Updated 4 years ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 2 years ago
• mgeeky / LISET
  Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…
  ☆27Updated 8 years ago
• davebremer / Export-SysmonLogs
  ☆11Updated 6 years ago
• jsecurity101 / jsecurity101
  ☆14Updated 7 months ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆28Updated 4 years ago
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆16Updated last year
• WithSecureLabs / FLAIR
  F-Secure Lightweight Acqusition for Incident Response (FLAIR)
  ☆16Updated 3 years ago
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆25Updated 2 years ago