sysmon
Here are 111 public repositories matching this topic...
Utilities for working with and testing Sysmon configs against Windows Event Logs. Updated Jul 21, 2023 - Python

Detection logics for threat hunting. Updated Feb 8, 2022 - Jupyter Notebook

Sysmon configuration file template from SwiftOnSecurity with a few PRs merged, plus install/update scripts from threathunting. Updated Jan 19, 2023 - Batchfile

Integrated Windows endpoint log management (Docker + ELK (Elasticsearch, Logstash, Kibana) + Winlogbeat based). Updated Jan 17, 2024 - Shell

Simple system monitoring over MQTT. Updated Feb 20, 2024 - Shell

A simplified EVTX file parser wrapping 0xrawsec's golang-evtx module. Updated Feb 27, 2024 - Go

Splunk scripted input to push and install Sysmon, with the Sysmon config forked by securiyshrimp from SwiftOnSecurity ("Taylor Swift") to ignore Splunk executables. Updated Jan 14, 2019 - Python

The Granted Access Converter is a utility designed to help users understand and interpret the GrantedAccess values found in Sysmon Event ID 10 logs. Updated Mar 31, 2023 - HTML

(No description.) Updated Nov 15, 2023

PowerShell module for creating and managing Sysinternals Sysmon config files. Updated Jan 14, 2018 - PowerShell

PoC for http://www.hexacorn.com/blog/2020/03/29/hiding-process-creation-and-cmd-line-with-a-long-com/ . Updated May 1, 2020 - C++