sysmon-edr
EDR solution
A PowerShell-based EDR system with Sysmon integration to detect and respond to security threats.
A Sysmon EDR proof of concept built in PowerShell to demonstrate feasibility.
218 stars
11 watching
27 forks
Language: PowerShell
last commit: over 3 years ago
Linked from 1 awesome list
Tags: edr, sysmon, sysmon-edr
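The page carries no code of its own, so as an added example (not the sysmon-edr project's code) here is the minimal shape of the detect-and-respond loop the description implies: read Sysmon ProcessCreate events (Event ID 1) from the Microsoft-Windows-Sysmon/Operational log, evaluate a couple of parent-child and command-line rules over the parsed fields, and terminate the offending process only after confirming the PID still belongs to the image Sysmon reported (PIDs are reused and event delivery is asynchronous). Assumed: Sysmon is installed with Event ID 1 logging enabled; the rule set, the function names and the two sample events are constructed for illustration.

```powershell
# Added example, not the sysmon-edr project's code. Assumes Sysmon writes
# Event ID 1 (ProcessCreate) to Microsoft-Windows-Sysmon/Operational; the rules,
# function names and sample events below are the example's own constructions.

# Parse a rendered Sysmon event (the XML that Get-WinEvent's ToXml() returns) into a
# hashtable keyed by the Data Name attributes (Image, CommandLine, ParentImage, ...).
function ConvertFrom-SysmonEvent {
    param([Parameter(Mandatory)][string]$EventXml)
    $xml = [xml]$EventXml
    $idNode = $xml.Event.System.EventID
    $fields = @{ EventID = [int]$(if ($idNode -is [string]) { $idNode } else { $idNode.'#text' }) }
    foreach ($d in $xml.Event.EventData.Data) { $fields[$d.Name] = $d.'#text' }
    return $fields
}

# Detection rules over ProcessCreate fields. Each Match scriptblock receives the
# parsed hashtable and returns $true on a hit.
$Rules = @(
    [pscustomobject]@{
        Name     = 'Office application spawned a scripting or shell host'
        Severity = 'High'
        Match    = {
            param($f)
            ($f.ParentImage -match '(?i)\\(winword|excel|powerpnt|outlook)\.exe$') -and
            ($f.Image -match '(?i)\\(cmd|powershell|pwsh|wscript|cscript|mshta|rundll32)\.exe$')
        }
    }
    [pscustomobject]@{
        Name     = 'PowerShell launched with an encoded command'
        Severity = 'Medium'
        Match    = {
            param($f)
            ($f.Image -match '(?i)\\(powershell|pwsh)\.exe$') -and
            ($f.CommandLine -match '(?i)(^|\s)-e[a-z]{0,13}\s+[A-Za-z0-9+/=]{16,}')
        }
    }
)

# Containment action. Re-checks that the PID still maps to the image Sysmon
# reported before killing, because PIDs are reused and events arrive late.
function Invoke-Response {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][hashtable]$Fields, [Parameter(Mandatory)][string]$RuleName)
    $targetPid = [int]$Fields.ProcessId
    if (-not $PSCmdlet.ShouldProcess("PID $targetPid ($($Fields.Image))", "Stop-Process for rule '$RuleName'")) { return }
    $proc = Get-Process -Id $targetPid -ErrorAction SilentlyContinue
    if (-not $proc) { Write-Warning "PID $targetPid already exited"; return }
    if ($proc.Path -and $proc.Path -ine $Fields.Image) {
        Write-Warning "PID $targetPid now belongs to $($proc.Path); not killing"; return
    }
    Stop-Process -Id $targetPid -Force -ErrorAction Stop
}

# Run the rules over events: live from the Sysmon log with -Live, otherwise over
# the constructed samples below. Emits one alert object per rule hit.
function Invoke-SysmonEdr {
    [CmdletBinding(SupportsShouldProcess)]
    param([switch]$Live, [int]$MaxEvents = 500)
    $xmlEvents = if ($Live) {
        Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1 } -MaxEvents $MaxEvents |
            ForEach-Object { $_.ToXml() }
    } else { $SampleEvents }
    foreach ($x in $xmlEvents) {
        $f = ConvertFrom-SysmonEvent -EventXml $x
        foreach ($r in $Rules) {
            if (-not (& $r.Match $f)) { continue }
            [pscustomobject]@{
                Rule = $r.Name; Severity = $r.Severity; ProcessId = $f.ProcessId
                Image = $f.Image; CommandLine = $f.CommandLine; Parent = $f.ParentImage
            }
            Invoke-Response -Fields $f -RuleName $r.Name   # inherits -WhatIf from the caller
        }
    }
}

# Constructed sample events (not real telemetry), in the shape Sysmon renders them.
# The base64 in the first CommandLine is a placeholder, not a real payload.
$SampleEvents = @(
@'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>1</EventID><Computer>WS01</Computer></System>
  <EventData>
    <Data Name="UtcTime">2024-01-01 12:00:00.000</Data>
    <Data Name="ProcessId">4242</Data>
    <Data Name="Image">C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Data>
    <Data Name="CommandLine">powershell.exe -nop -w hidden -enc UABsAGEAYwBlAGgAbwBsAGQAZQByAA==</Data>
    <Data Name="ParentImage">C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE</Data>
  </EventData>
</Event>
'@
@'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="Microsoft-Windows-Sysmon"/><EventID>1</EventID><Computer>WS01</Computer></System>
  <EventData>
    <Data Name="UtcTime">2024-01-01 12:00:01.000</Data>
    <Data Name="ProcessId">4243</Data>
    <Data Name="Image">C:\Windows\System32\notepad.exe</Data>
    <Data Name="CommandLine">"C:\Windows\System32\notepad.exe" notes.txt</Data>
    <Data Name="ParentImage">C:\Windows\explorer.exe</Data>
  </EventData>
</Event>
'@
)

# Dry run on the samples: the WINWORD -> encoded powershell event trips both rules
# (two alert objects), the notepad event none; -WhatIf prints the intended
# Stop-Process instead of touching any real process.
Invoke-SysmonEdr -WhatIf
# On a Sysmon host (reading the log normally needs admin rights):
# Invoke-SysmonEdr -Live -WhatIf
```

The point of the `Invoke-Response` re-check is the caveat that trips up most Sysmon-driven responders: by the time the event is read, the PID may have exited or been handed to an unrelated process, so a bare `Stop-Process -Id` on the logged PID can kill the wrong thing. Matching the live `Path` against the logged `Image` (or, better still, comparing the logged `ProcessGuid`'s embedded start time with the process start time) keeps the response bound to the process that generated the alert.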
Related projects:
Repository | Description | Stars |
---|---|---|
ion-storm/sysmon-config | A configuration package for advanced system monitoring using Sysmon, designed to detect and alert on various threat activities and provide forensic visibility. | 780 |
0xrawsec/whids | An open source EDR solution designed to provide real-time incident response capabilities by detecting potential security threats on Windows systems. | 1,157 |
mhaggis/sysmon-dfir | A curated collection of resources and tools for learning and implementing Microsoft Sysmon for incident detection, threat hunting, and endpoint security monitoring. | 901 |
olafhartong/sysmon-modular | A repository of customizable Sysmon configuration modules for security analysis and threat hunting. | 2,678 |
scarredmonk/sysmonsimulator | A utility to simulate Windows event logs for testing EDR detections and correlation rules. | 834 |
swiftonsecurity/sysmon-config | A template configuration file for Microsoft Sysinternals' Sysmon to monitor system changes with high-quality event tracing. | 4,828 |
gridhead/sysmon | A remotely-accessible system performance monitoring and task management tool for servers and Raspberry Pi setups. | 191 |
dcso/fever | A fast and extensible system for processing JSON events from security monitoring tools. | 51 |
securityjoes/forensicminer | Automates evidence collection and analysis from Windows machines using PowerShell. | 149 |
securityriskadvisors/talr | A repository for collecting and sharing SIEM rules in STIX format for automated translation to Sigma syntax. | 89 |
t0pcyber/hawk | A PowerShell-based tool to gather information on O365 intrusions and potential breaches. | 722 |
yspreen/aoc | An AOC CLI tool that automates puzzle solving and installation | 6 |
nshalabi/sysmontools | Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity. | 1,492 |
miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |