sysmon
Here are 112 public repositories matching this topic...
- Utilities for working with and testing Sysmon configs against Windows Event Logs (Updated Jul 21, 2023 - Python)
- Integrated Windows endpoint log management (Docker + ELK (Elasticsearch, Logstash, Kibana) + Winlogbeat based) (Updated Jan 17, 2024 - Shell)
- Simple system monitoring over MQTT (Updated Feb 20, 2024 - Shell)
- Detection Logics for Threat Hunting (Updated Feb 8, 2022 - Jupyter Notebook)
- No description provided (Updated Nov 15, 2023)
- A simplified EVTX file parser wrapping 0xrawsec's golang-evtx module (Updated Feb 27, 2024 - Go)
- Atlas ITSI Content Pack for Linux Sysmon (Updated May 29, 2024)
- Splunk scripted input to push and install sysmon, with the sysmon config forked by securiyshrimp, from Taylor Swift, to ignore splunk executables. (Updated Jan 14, 2019 - Python)
- The Granted Access Converter is a utility designed to help users understand and interpret the GrantedAccess values found in Sysmon Event ID 10 logs. (Updated Mar 31, 2023 - HTML)
- PowerShell module for creating and managing Sysinternals Sysmon config files. (Updated Jan 14, 2018 - PowerShell)
- PoC for http://www.hexacorn.com/blog/2020/03/29/hiding-process-creation-and-cmd-line-with-a-long-com/ (Updated May 1, 2020 - C++)