threathunting / sysmon-config
Sysmon configuration file template with default high-quality event tracing
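The entry above describes a Sysmon configuration template but the page does not reproduce it. As an added illustration (not the sysmon-config template itself, nor code from the threathunting project), the fragment below shows the two filtering modes a Sysmon config is built from: `onmatch="exclude"` logs every event of that type unless a rule matches, while `onmatch="include"` logs nothing unless a rule matches. The schema version, paths, process names, port and access mask are illustrative assumptions chosen for the example, not values taken from the page.

```xml
<!-- Illustrative Sysmon config; not the sysmon-config template. Values are assumptions. -->
<Sysmon schemaversion="4.22">
  <!-- Hash algorithms recorded on ProcessCreate, ImageLoad and DriverLoad events -->
  <HashAlgorithms>md5,sha256,IMPHASH</HashAlgorithms>
  <EventFiltering>

    <!-- Event ID 1 (ProcessCreate): exclude mode, so every process start is logged
         except the listed noise. An empty exclude block would log everything. -->
    <RuleGroup name="" groupRelation="or">
      <ProcessCreate onmatch="exclude">
        <Image condition="is">C:\Windows\System32\svchost.exe</Image>
        <CommandLine condition="begin with">C:\Windows\System32\wbem\WmiPrvSE.exe -Embedding</CommandLine>
      </ProcessCreate>
    </RuleGroup>

    <!-- Event ID 3 (NetworkConnect): include mode, so connections are only logged
         for the named images or the assumed suspicious port. An empty include block
         would log no network events at all. -->
    <RuleGroup name="" groupRelation="or">
      <NetworkConnect onmatch="include">
        <Image condition="image">powershell.exe</Image>
        <Image condition="image">certutil.exe</Image>
        <DestinationPort condition="is">4444</DestinationPort>
      </NetworkConnect>
    </RuleGroup>

    <!-- Event ID 7 (ImageLoad): only unsigned DLLs loaded into lsass.exe.
         A <Rule groupRelation="and"> requires both fields to match. -->
    <RuleGroup name="" groupRelation="or">
      <ImageLoad onmatch="include">
        <Rule groupRelation="and">
          <Image condition="image">lsass.exe</Image>
          <Signed condition="is">false</Signed>
        </Rule>
      </ImageLoad>
    </RuleGroup>

    <!-- Event ID 10 (ProcessAccess): handles to lsass.exe with an access mask
         (assumed here) commonly requested by credential-dumping tools. -->
    <RuleGroup name="" groupRelation="or">
      <ProcessAccess onmatch="include">
        <Rule groupRelation="and">
          <TargetImage condition="image">lsass.exe</TargetImage>
          <GrantedAccess condition="is">0x1010</GrantedAccess>
        </Rule>
      </ProcessAccess>
    </RuleGroup>

  </EventFiltering>
</Sysmon>
```

Install it with `sysmon64.exe -accepteula -i <config.xml>`, push changes with `sysmon64.exe -c <config.xml>`, and print the loaded configuration with `sysmon64.exe -c` to confirm the rules Sysmon actually parsed. Events land in the `Microsoft-Windows-Sysmon/Operational` log, so `Get-WinEvent -LogName 'Microsoft-Windows-Sysmon/Operational' -MaxEvents 5` in PowerShell is a quick check that tracing is live. Two caveats when hunting with any such template: exclusions keyed on `Image` paths are trivially evaded by an attacker who names a binary after the excluded one, so pair them with hashes or parent/command-line context; and include-mode event types silently drop everything not matched, so a missing rule is an invisible blind spot rather than a noisy one.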
(☆11, updated 6 years ago)
Related projects:
- This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero. (☆21, updated 6 years ago)
- Splunk app for threat hunting. (☆15, updated 5 years ago)
- OSSEC decoder and rulesets for Sysmon events. (☆15, updated 9 years ago)
- A simple utility to check the status of and/or disable SMBv1 on Windows systems via Cb Response's Live Response functionality. (☆15, updated 5 years ago)
- Information about most important hunts which can be performed by Threat hunters while searching for any adversary/threats inside the orga… (☆15, updated 5 years ago)
- Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor… (☆17, updated 9 years ago)
- Scripts to help hunt for possible golden/silver TGT tickets. (☆16, updated 7 years ago)
- This repository contains all the config files and scripts used for our open-source endpoint monitoring project. (☆33, updated 5 years ago)
- Automated forensics written in PowerShell. (☆32, updated 4 years ago)
- Collection of scripts and tools that I created to aid in my testing. (☆13, updated 2 years ago)
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response. (☆38, updated 2 years ago)
- Incident response scripts. (☆18, updated 5 years ago)
- A collection of hunting and blue team scripts. Mostly others', some my own. (☆37, updated last year)
- Tools for parsing forensic images. (☆41, updated 5 years ago)
- Build your own threat hunting maturity model. (☆12, updated 6 years ago)
- OSSEM Modular. (☆27, updated 4 years ago)
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro… (☆10, updated 6 years ago)
- gpocheck. (☆30, updated last month)
- Integrating Sysinternals Autoruns' logs into Security Onion. (☆30, updated 7 months ago)
- Splunk app to assist Sysmon threat hunting. (☆38, updated 7 years ago)
- BSides CBR 2018 talk about Group Policy and Grouper. (☆39, updated 5 years ago)