| Repository | Stars | | | | Updated | | Date | | License | Language | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|
| SigmaHQ/sigma | 7,267 | | 3 | 2 | about 2 years ago | 35 | January 13, 2019 | 22 | other | Python | Main Sigma Rule Repository |
| clong/DetectionLab | 4,394 | | 0 | 0 | about 3 years ago | 0 | | 31 | mit | HTML | Automate the creation of a lab environment complete with security tooling and logging best practices |
| SwiftOnSecurity/sysmon-config | 4,391 | | 0 | 0 | over 2 years ago | 0 | | 78 | | | Sysmon configuration file template with default high-quality event tracing |
| crazy-max/WindowsSpyBlocker | 3,920 | | 0 | 0 | almost 3 years ago | 0 | | 35 | mit | Go | Block spying and tracking on Windows |
| OTRF/ThreatHunter-Playbook | 3,740 | | 0 | 0 | almost 3 years ago | 0 | | 5 | mit | Python | A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient. |
| splunk/attack_range | 1,874 | | 0 | 0 | about 2 years ago | 0 | | 9 | apache-2.0 | Jinja | A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk |
| nshalabi/SysmonTools | 1,405 | | 0 | 0 | over 2 years ago | 0 | | 7 | | | Utilities for Sysmon |
| trustedsec/SysmonCommunityGuide | 1,009 | | 0 | 0 | over 2 years ago | 0 | | 7 | | CSS | TrustedSec Sysinternals Sysmon Community Guide |
| 0xrawsec/whids | 921 | | 0 | 0 | about 3 years ago | 21 | August 08, 2022 | 17 | agpl-3.0 | Go | Open Source EDR for Windows |
| MHaggis/sysmon-dfir | 872 | | 0 | 0 | over 2 years ago | 0 | | 0 | gpl-3.0 | | Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. |