Sysmon and wazuh integration with Sigma sysmon rules [updated]
☆72Jul 21, 2021Updated 4 years ago
Alternatives and similar repositories for sysmon
Users that are interested in sysmon are comparing it to the libraries listed below
Sorting:
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆96Apr 13, 2022Updated 3 years ago
- ☆22Mar 1, 2022Updated 4 years ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Jul 21, 2020Updated 5 years ago
- Our collection of Wazuh detection rules for our Offense Lab☆18Feb 13, 2022Updated 4 years ago
- Wazuh integration TheHive☆41Feb 21, 2023Updated 3 years ago
- Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug☆11Jun 20, 2020Updated 5 years ago
- ☆18Oct 20, 2021Updated 4 years ago
- Useful scripts for those administering Wazuh☆92Jan 6, 2026Updated last month
- SIAC is an enterprise SIEM built on open-source technology.☆113Oct 31, 2018Updated 7 years ago
- ☆20Jan 20, 2023Updated 3 years ago
- Tools to integrate 2 great security tools OPNsense and Wazuh☆31Aug 26, 2021Updated 4 years ago
- Wazuh - Quality Assurance☆67Oct 31, 2025Updated 4 months ago
- Wazuh - RESTful API☆80Sep 17, 2024Updated last year
- Wazuh - Chef cookbooks☆24Jul 26, 2023Updated 2 years ago
- Script to output Azure IAM permissions and flag any explicit/owner permissions for review☆10May 18, 2020Updated 5 years ago
- This is the official repository for Basic Malware Analysis Course☆20Jan 11, 2022Updated 4 years ago
- ☆41Aug 26, 2023Updated 2 years ago
- Configurations to implement Wazuh☆12Nov 28, 2022Updated 3 years ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 8 months ago
- opsi-script aka. opsi-winst and other various tools.☆10Feb 11, 2026Updated 2 weeks ago
- windows内核安全与驱动开发代码☆12Apr 4, 2020Updated 5 years ago
- Sysmon Tools for PowerShell☆12Aug 17, 2018Updated 7 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Jul 27, 2020Updated 5 years ago
- Purple Team Workshop by @jorgeorchilles☆12Apr 26, 2025Updated 10 months ago
- A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Windows Events and Sys…☆12Apr 13, 2017Updated 8 years ago
- Tool to identify all domains contained in an IP anonymously☆15Jun 4, 2017Updated 8 years ago
- Centralized Active Directory Auditing Tool☆21Oct 28, 2022Updated 3 years ago
- ☆13Apr 8, 2022Updated 3 years ago
- SharpShareFinder is a minimalistic network share discovery POC designed to enumerate shares in Windows Active Directory networks leveragi…☆36Jul 10, 2024Updated last year
- With the help of this docker image, you can easily access PEzor on your system!☆15Mar 10, 2022Updated 3 years ago
- Personal scripts☆15Sep 11, 2024Updated last year
- ☆15Jun 4, 2018Updated 7 years ago
- Crowdstrike response script containing various functions for IR/triage☆12Dec 7, 2020Updated 5 years ago
- Threat Simulator for Enterprise Networks☆14May 14, 2022Updated 3 years ago
- Tools for Wazuh by Juan C. Tello☆15Jan 13, 2022Updated 4 years ago
- A wrapper for capstone for bearparser☆16Oct 8, 2025Updated 4 months ago
- Django middleware and signals for handling security events☆13Apr 14, 2021Updated 4 years ago
- Open-source powered SIEM, Vulnerability Scanning, Host- & Network-IDS. Built upon Elastic Stack, OpenVAS, Suricata. Wrapped in a Python F…☆16Sep 2, 2022Updated 3 years ago
- Zabbix Templates and scripts to monitor OSSEC or Wazuh Manager Intrusion Detection☆14Sep 18, 2025Updated 5 months ago