sysmon-modular

Sysmon config repo

A repository of customizable Sysmon configuration modules for security analysis and threat hunting.

A repository of sysmon configuration modules

GitHub
3k stars
164 watching
594 forks
Language: PowerShell
last commit: 6 months ago
Linked from 3 awesome lists

dfirmitre-attackmodularsecurity-toolssysmonthreat-hunting

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
mhaggis/sysmon-dfir A curated collection of resources and tools for learning and implementing Microsoft Sysmon for incident detection, threat hunting, and endpoint security monitoring. 901
swiftonsecurity/sysmon-config A template configuration file for Microsoft Sysinternals' Sysmon to monitor system changes with high-quality event tracing. 4,828
ion-storm/sysmon-config A configuration package for advanced system monitoring using Sysmon, designed to detect and alert on various threat activities and provide forensic visibility. 780
trustedsec/sysmoncommunityguide A community-driven guide to configuring and using the Sysmon security monitoring tool 1,156
neo23x0/sysmon-config A comprehensive Sysmon configuration file template with default high-quality event tracing 457
ion-storm/sysmon-edr A PowerShell-based EDR system with Sysmon integration to detect and respond to security threats. 218
marcosd4h/sysmonx A drop-in replacement for Sysmon that enhances its security features and data collection capabilities. 212
harisekhon/kubernetes-configs A collection of Kubernetes YAML configurations and templates 440
nshalabi/sysmontools Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity. 1,492
sud0woodo/dcomrade Automates enumeration of vulnerable DCOM applications to aid in lateral movement and exploitation testing 254
ekrich/sconfig A configuration library supporting multiple platforms and programming languages 118
usnistgov/macos_security Provides automated security guidance and configuration settings for macOS systems. 1,823
rvanlaak/settingsbundle Configuration management bundle for Symfony applications 113
sindresorhus/package-config A tool to get namespaced config from the closest package.json 120
shivas/versioning-bundle Automates version tracking for Symfony applications using Git tags or revision files 112