A resource for leveraging Windows and Sysmon event codes in threat hunting and incident response.
☆26Sep 29, 2024Updated last year
Alternatives and similar repositories for Windows-Sysmon-Threat-Hunting-Guide
Users that are interested in Windows-Sysmon-Threat-Hunting-Guide are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Personal scripts☆15Sep 11, 2024Updated last year
- Open source HIDS tailored for Microsoft Windows and Active Directory☆31Feb 13, 2026Updated 2 months ago
- RuleVis is a powerful analysis tool that transforms your Wazuh ruleset into a dynamic, interactive force-directed graph. It helps you vis…☆25Nov 12, 2025Updated 5 months ago
- Malware analysis and Reverse Engineering Workshops from Invoke RE☆15Jun 30, 2024Updated last year
- ☆34Mar 4, 2019Updated 7 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Sh3ller is a lightweight C2 framework in its simplest form.☆33Sep 5, 2025Updated 7 months ago
- A python 3 script for extracting messages from Viber Desktop's sqlite message database into a text file.☆11Dec 24, 2019Updated 6 years ago
- Made VRChat Avatar creation and testing easier☆10Apr 24, 2026Updated last week
- AppLocker Policy Generator☆26Aug 25, 2025Updated 8 months ago
- Malware vulnerability intel tool for third-party attackers☆121Oct 24, 2024Updated last year
- Bring runZero Exposure Management into BloodHound☆47Apr 16, 2026Updated 2 weeks ago
- Tiny and fast port scanner (Sliver edition)☆30Feb 17, 2026Updated 2 months ago
- AI-Driven Breach and Attack Simulation Tool (Initial Proof of Concept for AI Pentest Copilot)☆27Jan 6, 2025Updated last year
- ☆24Mar 4, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A small stuff of telegram bot for pentest and information gathering.☆11Oct 3, 2020Updated 5 years ago
- En este repositorio podrás encontrar los ejercicios del canal @aprendePython3 de Telegram así como sus soluciones.☆10May 20, 2020Updated 5 years ago
- 安全好文整理,松鼠症患者福音☆13Nov 30, 2023Updated 2 years ago
- ☆13Dec 28, 2019Updated 6 years ago
- The first open source runtime windows batch and command line deobfuscator☆42Aug 20, 2025Updated 8 months ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to …☆27Jul 13, 2022Updated 3 years ago
- A powerful Python library and CLI tool for parsing, analyzing, and manipulating YARA rules through Abstract Syntax Tree (AST) representat…☆51Updated this week
- Tools and Scripts used in CRTP☆12Apr 27, 2020Updated 6 years ago
- A critical RCE vulnerability in Windows TCP/IP stack (CVE-2025-26686) leaves sensitive memory unlocked, allowing remote attackers to hija…☆32Sep 16, 2025Updated 7 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Turn a standard Raspbian Lite install into a tor-ified wifi access point☆14Aug 3, 2017Updated 8 years ago
- Collection of BOFs for Cobalt Strike☆32Mar 28, 2023Updated 3 years ago
- ☆13Mar 14, 2015Updated 11 years ago
- OWASP Foundation Web Respository☆12Apr 21, 2026Updated last week
- ☆21Feb 24, 2026Updated 2 months ago
- Pound Load Balancer used in RELIANOID ADC for HTTP and HTTPS userspace management. It includes some features developed by the RELIANOID T…☆16Jan 2, 2025Updated last year
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆42Aug 6, 2024Updated last year
- Набор утилит, облегчающих эксплуатацию кластера 1С Предприятие 8☆29Jan 8, 2026Updated 3 months ago
- Taller Cybercamp 2017. Seguridad ofensiva y defensiva con Machine Learning☆11Nov 30, 2017Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- CVE-2025-62215 is an Elevation of Privilege (EoP) vulnerability in the Windows Kernel, disclosed in November 2025 and confirmed to be act…☆31Nov 14, 2025Updated 5 months ago
- Tools used by CSIRT and especially in the scope of CNW☆18Feb 26, 2026Updated 2 months ago
- 「🧹」Clear logs after an invasion☆18Dec 7, 2024Updated last year
- Hardens Windows Server to CIS Standards☆40May 2, 2019Updated 7 years ago
- Python Scripts to Interact with VirusTotal, Malwares.com and Google Safe Browsing.☆11Dec 1, 2016Updated 9 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- An application that open source projects can use to ensure they include relevant documentation (and not secrets or PII!)☆10Mar 29, 2021Updated 5 years ago