sysmon-config
Here are 14 public repositories matching this topic...
Updated Nov 15, 2023
The Granted Access Converter is a utility designed to help users understand and interpret the GrantedAccess values found in Sysmon Event ID 10 logs.
Updated Mar 31, 2023 - HTML
Ransomware focused Sysmon configuration file template with default high-quality event tracing
Updated Mar 1, 2021
Wixsharp based installed MSI for Sysmon and rules from the SwiftOnSecurity project
Updated May 26, 2021 - C#
Utility to convert SysInternals' Sysmon binary configuration to XML
Updated Dec 3, 2023 - Python
Converts Sysmon rules to uberAgent ESA Threat Detection rules
Updated Aug 21, 2024 - C#
This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might want to tune the GPO edits as needed.
Updated Sep 10, 2024 - PowerShell
This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
Updated Jul 8, 2019 - Python
Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
Updated Jul 10, 2024 - Batchfile
Sysmon and wazuh integration with Sigma sysmon rules [updated]
Updated Jul 21, 2021
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Updated Nov 28, 2024