27 results found
Main Sigma Rule Repository
Created
2016-12-24
16,167 commits to master branch, last one 19 hours ago
Sysmon configuration file template with default high-quality event tracing
Created
2017-02-01
173 commits to master branch, last one 2 years ago
Automate the creation of a lab environment complete with security tooling and logging best practices
Created
2017-03-25
1,222 commits to master branch, last one about a year ago
Block spying and tracking on Windows
Created
2016-03-04
812 commits to master branch, last one about a year ago
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Created
2017-03-28
466 commits to master branch, last one about a year ago
A repository of sysmon configuration modules
Created
2018-01-13
891 commits to master branch, last one 8 months ago
Utilities for Sysmon
Created
2017-06-10
84 commits to master branch, last one 9 days ago
Open Source EDR for Windows
Created
2018-01-23
204 commits to master branch, last one about a year ago
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Created
2019-05-30
313 commits to master branch, last one 8 months ago
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
Created
2017-01-11
72 commits to master branch, last one 5 months ago
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Created
2021-03-02
216 commits to master branch, last one 21 days ago
Documentation and scripts to properly enable Windows event logs.
Created
2022-09-22
49 commits to main branch, last one 8 months ago
Investigate suspicious activity by visualizing Sysmon's event log
Created
2018-07-31
7 commits to master branch, last one 5 months ago
戎码之眼 is a Windows threat-monitoring tool based on the ATT&CK model. It effectively detects common unknown and known threats. A sharp sword for the defender.
Created
2022-08-22
66 commits to main branch, last one 7 months ago
System monitoring development kit (sysmon, procmon, EDR, endpoint security, host security, zero trust, internet access behaviour management, sandbox)
Created
2021-09-25
94 commits to master branch, last one 4 days ago
Test Blue Team detections without running any attack.
Created
2018-04-29
131 commits to master branch, last one 2 years ago
Neutering Sysmon via driver unload
Created
2019-09-12
27 commits to master branch, last one about a year ago
Sysmon EDR POC Build within Powershell to prove ability.
Created
2021-03-06
21 commits to main branch, last one 3 years ago
Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
Created
2017-07-17
8 commits to master branch, last one 2 years ago
Consolidation of various resources related to Microsoft Sysmon & sample data/log
Created
2018-01-24
650 commits to master branch, last one 2 years ago
Pushes Sysmon Configs
Created
2021-04-19
40 commits to main branch, last one 2 years ago
ThreatSeeker: Threat Hunting via Windows Event Logs
Created
2023-04-11
4 commits to master branch, last one about a year ago
RDLL for Cobalt Strike beacon to silence sysmon process
Created
2022-07-11
13 commits to main branch, last one about a year ago
A Ruleset to enhance detection capabilities of Ossec using Sysmon
Created
2018-11-27
155 commits to master branch, last one 2 years ago
SysEye is a Windows threat-response tool based on ATT&CK and modern EDR design principles. It effectively detects common unknown and known threats. A sharp sword for the defender.
Created
2022-08-04
36 commits to main branch, last one about a year ago
Sysmon and wazuh integration with Sigma sysmon rules [updated]
Created
2018-09-14
13 commits to master branch, last one 2 years ago
This repository contains Splunk queries to hunt some anomalies
Created
2022-04-08
65 commits to main branch, last one about a year ago