threathunting / sysmon-config

Related projects ⓘ

Alternatives and complementary repositories for sysmon-config

• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆21Updated 6 years ago
• DearBytes / Opensource-Endpoint-Monitoring
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆33Updated 5 years ago
• PivotAll / PivotAll
  Comprehensive Pivoting Framework
  ☆20Updated 8 years ago
• darkoperator / Presentations
  Presentation Slides
  ☆27Updated 5 years ago
• OneLogicalMyth / toolkit
  Collection of scripts and tools that I created to aid in my testing.
  ☆14Updated 2 years ago
• caschnee / misp-use-cases
  ☆14Updated 6 years ago
• securycore / ThreatHunting
  Powershell collection designed to assist in Threat Hunting Windows systems.
  ☆27Updated 6 years ago
• defensivedepth / Sysmon_OSSEC
  OSSEC Decoder & Rulesets for Sysmon Events
  ☆15Updated 9 years ago
• defensivedepth / Pertinax
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Updated 9 months ago
• MHaggis / app_splunk_sysmon_hunter
  Splunk App to assist Sysmon Threat Hunting
  ☆38Updated 7 years ago
• phainlen / DNS-Hunting
  Use DNS to hunt for threats including DGAs
  ☆14Updated 8 years ago
• johnfranolich / Hunting-Scripts
  A collection of hunting and blue team scripts. Mostly others, some my own.
  ☆38Updated last year
• sans-blue-team / sec455-wiki
  ☆29Updated 6 years ago
• aurel26 / gpocheck
  gpocheck
  ☆30Updated 3 months ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• secgroundzero / ossem_modular
  OSSEM Modular
  ☆27Updated 4 years ago
• l0ss / Get-GPTrashfire
  B-Sides CBR 2018 talk about group policy and Grouper
  ☆39Updated 5 years ago
• hardwaterhacker / scandiff
  Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor…
  ☆17Updated 10 years ago
• grayfold3d / POSH-Triage
  Tools for parsing Forensic images
  ☆41Updated 5 years ago
• curi0usJack / activedirectory
  This script runs several security checks and makes modifications (with your permission) to your Active Directory domain to improve it's s…
  ☆45Updated 8 years ago
• spohara79 / TGT---Golden-Silver-Ticket
  Scripts to help hunt for possible golden/silver TGT tickets
  ☆16Updated 7 years ago
• Invoke-IR / PowerForensicsPortable
  ☆31Updated this week
• surbo / OVERFLOW
  Microsoft Flow Attack Framework
  ☆23Updated 5 years ago
• ZephrFish / NessusPreFlight
  Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to …
  ☆16Updated 4 years ago
• bonifield / volatilityGrapher
  Force-Directed Graph Generator for Volatility Ouputs
  ☆26Updated 5 years ago
• olafhartong / SA-Threat-Hunting
  Splunk app for Threat hunting
  ☆15Updated 6 years ago