27 results found
Primary language:
- Python (6)
- PowerShell (4)
- C# (3)
- Batchfile (2)
- Go (2)
- JavaScript (1)
- HTML (1)
- C (1)
Main Sigma Rule Repository
Created
2016-12-24
16,323 commits to master branch, last one a day ago
Sysmon configuration file template with default high-quality event tracing
Created
2017-02-01
173 commits to master branch, last one 3 years ago
Block spying and tracking on Windows
Created
2016-03-04
812 commits to master branch, last one about a year ago
Automate the creation of a lab environment complete with security tooling and logging best practices
Created
2017-03-25
1,222 commits to master branch, last one about a year ago
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Created
2017-03-28
466 commits to master branch, last one 2 years ago
A repository of sysmon configuration modules
Created
2018-01-13
891 commits to master branch, last one about a year ago
Utilities for Sysmon
Created
2017-06-10
84 commits to master branch, last one 6 months ago
Open Source EDR for Windows
Created
2018-01-23
204 commits to master branch, last one 2 years ago
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Created
2019-05-30
321 commits to master branch, last one 5 days ago
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
Created
2017-01-11
72 commits to master branch, last one 11 months ago
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
Created
2021-03-02
230 commits to master branch, last one about a month ago
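Several entries above (the main Sigma rule repository and the standalone Sigma-based EVTX/Sysmon detection tool) share one idea: a Sigma rule is a set of named field selections joined by a boolean condition, evaluated against each Sysmon event. The block below is an added example, not code from any repository on this page. It is a deliberately reduced matcher, a hypothetical reimplementation that supports only the `contains`, `startswith` and `endswith` modifiers, case-insensitive equality and `and`/`or`/`not` conditions; the rule and the four Sysmon Event ID 1 (process creation) records are constructed for illustration.

```python
"""Reduced Sigma-style matcher run over constructed Sysmon events.

Added example, not code from the Sigma project or the tools listed on this
page. Field names follow Sysmon Event ID 1 (Image, CommandLine, ParentImage);
the modifier semantics follow Sigma, but this is a hypothetical toy matcher.
"""

# Constructed rule: Office application spawning encoded PowerShell.
RULE = {
    "title": "Office spawning encoded PowerShell",
    "detection": {
        "selection": {
            "EventID": 1,
            "Image|endswith": ["\\powershell.exe", "\\pwsh.exe"],
            "CommandLine|contains": ["-enc", "-EncodedCommand"],
        },
        "parent": {
            "ParentImage|endswith": ["\\winword.exe", "\\excel.exe", "\\outlook.exe"],
        },
        "condition": "selection and parent",
    },
}

# Constructed Sysmon events (flattened EventData), not real telemetry.
EVENTS = [
    {"EventID": 1, "ProcessId": 4312,
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -NoP -w hidden -enc SQBFAFgAIAAoAE4A",
     "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE"},
    {"EventID": 1, "ProcessId": 5120,  # same command, but launched from Explorer
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "powershell.exe -NoP -w hidden -enc SQBFAFgAIAAoAE4A",
     "ParentImage": "C:\\Windows\\explorer.exe"},
    {"EventID": 1, "ProcessId": 6008,  # Office parent, but no encoded command
     "Image": "C:\\Program Files\\PowerShell\\7\\pwsh.exe",
     "CommandLine": "pwsh.exe -NoP -Command Get-Date",
     "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\EXCEL.EXE"},
    {"EventID": 11, "ProcessId": 4312,  # file-create event, wrong EventID
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "TargetFilename": "C:\\Users\\alice\\AppData\\Local\\Temp\\a.ps1"},
]


def _match_value(actual, expected, modifier):
    """Compare one field value with one rule value (Sigma is case-insensitive)."""
    a, e = str(actual).lower(), str(expected).lower()
    if modifier is None:
        return a == e
    if modifier == "contains":
        return e in a
    if modifier == "startswith":
        return a.startswith(e)
    if modifier == "endswith":
        return a.endswith(e)
    raise ValueError(f"unsupported modifier: {modifier}")


def _match_selection(selection, event):
    """All fields in a selection must match; a list of values is an OR."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        if field not in event:
            return False
        values = expected if isinstance(expected, list) else [expected]
        if not any(_match_value(event[field], v, modifier or None) for v in values):
            return False
    return True


def _eval_condition(condition, results):
    """Evaluate 'a and (b or not c)' over per-selection booleans without eval()."""
    tokens = condition.replace("(", " ( ").replace(")", " ) ").split()
    pos = [0]

    def peek():
        return tokens[pos[0]] if pos[0] < len(tokens) else None

    def take():
        pos[0] += 1
        return tokens[pos[0] - 1]

    def atom():
        t = take()
        if t == "(":
            v = expr_or()
            if take() != ")":
                raise ValueError("unbalanced parentheses in condition")
            return v
        if t == "not":
            return not atom()
        return results[t]

    def expr_and():
        v = atom()
        while peek() == "and":
            take()
            rhs = atom()          # always consume the operand
            v = v and rhs
        return v

    def expr_or():
        v = expr_and()
        while peek() == "or":
            take()
            rhs = expr_and()
            v = v or rhs
        return v

    result = expr_or()
    if peek() is not None:
        raise ValueError(f"trailing token in condition: {peek()}")
    return result


def run_rule(rule, events):
    """Return the ProcessId of every event that satisfies the rule."""
    detection = rule["detection"]
    names = [k for k in detection if k != "condition"]
    hits = []
    for event in events:
        results = {n: _match_selection(detection[n], event) for n in names}
        if _eval_condition(detection["condition"], results):
            hits.append(event["ProcessId"])
    return hits


if __name__ == "__main__":
    print(RULE["title"], "->", run_rule(RULE, EVENTS))
```

Only the first event fires: the second has the right command line but the wrong parent, the third has an Office parent but no encoded command, and the fourth is a different Sysmon event type. Note the caveat a real deployment must handle: `CommandLine|contains: "-enc"` also matches unrelated switches such as `-Encoding`, which is why published Sigma rules pair broad substrings with parent or path constraints rather than relying on a single token.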
Documentation and scripts to properly enable Windows event logs.
Created
2022-09-22
49 commits to main branch, last one about a year ago
戎码之眼 is a Windows threat-monitoring tool built on the ATT&CK model. It effectively detects common unknown and known threats. A sharp sword for defenders.
Created
2022-08-22
66 commits to main branch, last one about a year ago
Investigate suspicious activity by visualizing Sysmon's event log
Created
2018-07-31
7 commits to master branch, last one 11 months ago
The world's most powerful System Activity Monitor Engine · A powerful endpoint behaviour collection and defense development kit, intended to let endpoint security products such as EDR, zero trust, data security and audit/control software implement their features quickly without having to develop, maintain or keep compatible the underlying driver, so they can focus on business logic.
Created
2021-09-25
2 commits to master branch, last one about a month ago
Test Blue Team detections without running any attack.
Created
2018-04-29
131 commits to master branch, last one 3 years ago
Neutering Sysmon via driver unload
Created
2019-09-12
27 commits to master branch, last one 2 years ago
Sysmon EDR POC built within PowerShell to prove ability.
Created
2021-03-06
21 commits to main branch, last one 3 years ago
Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
Created
2017-07-17
8 commits to master branch, last one 3 years ago
ThreatSeeker: Threat Hunting via Windows Event Logs
Created
2023-04-11
4 commits to master branch, last one about a year ago
Consolidation of various resources related to Microsoft Sysmon & sample data/log
Created
2018-01-24
650 commits to master branch, last one 3 years ago
Pushes Sysmon Configs
Created
2021-04-19
40 commits to main branch, last one 3 years ago
A Ruleset to enhance detection capabilities of Ossec using Sysmon
This repository has been archived
Created
2018-11-27
155 commits to master branch, last one 3 years ago
RDLL for Cobalt Strike beacon to silence sysmon process
Created
2022-07-11
13 commits to main branch, last one 2 years ago
SysEye is a Windows threat-response tool built on ATT&CK and modern EDR design principles. It effectively detects common unknown and known threats. A sharp sword for defenders.
Created
2022-08-04
36 commits to main branch, last one 2 years ago
Sysmon and wazuh integration with Sigma sysmon rules [updated]
Created
2018-09-14
13 commits to master branch, last one 3 years ago
This repository contains Splunk queries to hunt some anomalies
Created
2022-04-08
65 commits to main branch, last one 2 years ago