reprise99 / 4688-sysmon
☆61, Jun 24, 2023, updated 2 years ago
Alternatives and similar repositories for 4688-sysmon
Users that are interested in 4688-sysmon are comparing it to the libraries listed below
- Powershell sandboxing utility (☆19, Feb 2, 2026, updated last week)
- An Adaptive Misuse Detection System (☆46, Nov 4, 2024, updated last year)
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" (☆11, Feb 6, 2025, updated last year)
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory! (☆21, Aug 23, 2024, updated last year)
- ETW-Almulahaza is a consumer python-based tool that helps you monitor ETW events of the operating system (☆13, Jun 24, 2022, updated 3 years ago)
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on (☆83, Apr 27, 2024, updated last year)
- Extension functionality for the NightHawk operator client (☆26, Oct 31, 2023, updated 2 years ago)
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report (☆28, Oct 10, 2023, updated 2 years ago)
- (no description) (☆17, Jan 21, 2026, updated 3 weeks ago)
- Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation. (☆53, Oct 23, 2024, updated last year)
- (no description) (☆33, Dec 10, 2024, updated last year)
- A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri (☆36, Sep 27, 2024, updated last year)
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. (☆60, Jun 9, 2025, updated 8 months ago)
- (no description) (☆18, Feb 2, 2026, updated last week)
- This is a webshell fingerprinting scanner designed to identify implants on Cisco IOS XE WebUI's affected by CVE-2023-20198 and CVE-2023-2… (☆33, Oct 24, 2023, updated 2 years ago)
- (no description) (☆33, Feb 26, 2022, updated 3 years ago)
- Repo that holds write-ups of various research projects I did and/or overall InfoSec things I investigated/researched. (☆21, Jan 5, 2025, updated last year)
- Extensible Azure Security Tool - Documentation (☆83, Jun 1, 2023, updated 2 years ago)
- Full of public notes and Utilities (☆130, Jan 6, 2026, updated last month)
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office (☆37, Mar 15, 2023, updated 2 years ago)
- Table of AD and Azure assets and whether they belong to Tier Zero (☆259, Jan 23, 2026, updated 3 weeks ago)
- This is a collection of Security Baselines that I use in my virtual lab environment. (☆22, Mar 11, 2020, updated 5 years ago)
- (no description) (☆38, Mar 10, 2025, updated 11 months ago)
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file (☆89, Feb 9, 2025, updated last year)
- ASR Configurator, Essentials and Atomic Testing (☆101, Apr 14, 2025, updated 10 months ago)
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements (☆127, Dec 5, 2023, updated 2 years ago)
- (no description) (☆260, May 9, 2024, updated last year)
- Protect your Domain Controllers by auditing and restricting LDAP requests (☆179, May 29, 2025, updated 8 months ago)
- Cloud-native SIEM for intelligent security analytics for your entire enterprise. (☆22, Nov 22, 2021, updated 4 years ago)
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports (☆79, Jan 26, 2026, updated 2 weeks ago)
- (no description) (☆42, Oct 11, 2023, updated 2 years ago)
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… (☆23, Aug 7, 2024, updated last year)
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc… (☆452, Jun 16, 2023, updated 2 years ago)
- A Jupyter notebook to assist with the analysis of the output generated from the Volatility memory extraction framework. (☆97, May 28, 2023, updated 2 years ago)
- Sysmon configuration file template with default high-quality event tracing (☆567, Jan 21, 2026, updated 3 weeks ago)
- (no description) (☆43, Apr 18, 2023, updated 2 years ago)
- A repository to share publicly available Velociraptor detection content (☆196, updated this week)
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… (☆1,634, updated this week)
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… (☆861, Jan 20, 2022, updated 4 years ago)