sysmon-modular
Sysmon config repo
A repository of customizable Sysmon configuration modules for security analysis and threat hunting.
A repository of sysmon configuration modules
3k stars
164 watching
594 forks
Language: PowerShell
last commit: about 1 year ago
Linked from 3 awesome lists
dfirmitre-attackmodularsecurity-toolssysmonthreat-hunting
meirwah/awesome-incident-response
0x4d31/awesome-threat-detection
stuhli/awesome-event-idsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 mhaggis/sysmon-dfir | A curated collection of resources and tools for learning and implementing Microsoft Sysmon for incident detection, threat hunting, and endpoint security monitoring. | 901 |
 swiftonsecurity/sysmon-config | A template configuration file for Microsoft Sysinternals' Sysmon to monitor system changes with high-quality event tracing. | 4,828 |
 ion-storm/sysmon-config | A configuration package for advanced system monitoring using Sysmon, designed to detect and alert on various threat activities and provide forensic visibility. | 780 |
 trustedsec/sysmoncommunityguide | A community-driven guide to configuring and using the Sysmon security monitoring tool | 1,156 |
 neo23x0/sysmon-config | A comprehensive Sysmon configuration file template with default high-quality event tracing | 457 |
| ion-storm/sysmon-edr | A PowerShell-based EDR system with Sysmon integration to detect and respond to security threats. | 218 |
 marcosd4h/sysmonx | A drop-in replacement for Sysmon that enhances its security features and data collection capabilities. | 212 |
 harisekhon/kubernetes-configs | A collection of Kubernetes YAML configurations and templates | 440 |
 nshalabi/sysmontools | Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity. | 1,492 |
 sud0woodo/dcomrade | Automates enumeration of vulnerable DCOM applications to aid in lateral movement and exploitation testing | 254 |
 ekrich/sconfig | A configuration library supporting multiple platforms and programming languages | 118 |
 usnistgov/macos_security | Provides automated security guidance and configuration settings for macOS systems. | 1,823 |
 rvanlaak/settingsbundle | Configuration management bundle for Symfony applications | 113 |
 sindresorhus/package-config | A tool to get namespaced config from the closest package.json | 120 |
 shivas/versioning-bundle | Automates version tracking for Symfony applications using Git tags or revision files | 112 |