| SigmaHQ/sigma | 7,267 | | 3 | 2 | about 2 years ago | 35 | January 13, 2019 | 22 | other | Python |
| Main Sigma Rule Repository |
| SwiftOnSecurity/sysmon-config | 4,391 | | 0 | 0 | over 2 years ago | 0 | | 78 | | |
| Sysmon configuration file template with default high-quality event tracing |
| nshalabi/SysmonTools | 1,405 | | 0 | 0 | over 2 years ago | 0 | | 7 | | |
| Utilities for Sysmon |
| netevert/sentinel-attack | 1,029 | | 0 | 0 | over 2 years ago | 0 | | 12 | mit | HCL |
| Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK |
| ion-storm/sysmon-config | 529 | | 0 | 0 | about 7 years ago | 0 | | | | Batchfile |
| Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing |
| bats3c/Ghost-In-The-Logs | 297 | | 0 | 0 | about 6 years ago | 0 | | 0 | mit | C |
| Evade Sysmon and Windows event logging |
| AustralianCyberSecurityCentre/windows_event_logging | 160 | | 0 | 0 | over 4 years ago | 0 | | 0 | bsd-3-clause | PowerShell |
| Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging. |
| mkorman90/sysmon-config-bypass-finder | 68 | | 0 | 0 | over 7 years ago | 0 | | 0 | gpl-3.0 | Python |
| Detect possible Sysmon logging bypasses given a specific configuration |
| ceramicskate0/SWELF | 24 | | 0 | 0 | almost 3 years ago | 0 | | 15 | agpl-3.0 | C# |
| Simple Windows Event Log Forwarder (SWELF). It's an easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest. |
| jhochwald/Universal-Winlogbeat-configuration | 15 | | 0 | 0 | about 4 years ago | 0 | | 1 | bsd-3-clause | |
| Universal Winlogbeat configuration |