SysmonCommunityGuide
Sysmon config guide
A community-driven guide to configuring and using the Sysmon security monitoring tool
TrustedSec Sysinternals Sysmon Community Guide
1k stars
79 watching
167 forks
Language: CSS
last commit: 9 months ago
Linked from 1 awesome list
stuhli/awesome-event-idsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 swiftonsecurity/sysmon-config | A template configuration file for Microsoft Sysinternals' Sysmon to monitor system changes with high-quality event tracing. | 4,828 |
 neo23x0/sysmon-config | A comprehensive Sysmon configuration file template with default high-quality event tracing | 457 |
 olafhartong/sysmon-modular | A repository of customizable Sysmon configuration modules for security analysis and threat hunting. | 2,678 |
 mhaggis/sysmon-dfir | A curated collection of resources and tools for learning and implementing Microsoft Sysmon for incident detection, threat hunting, and endpoint security monitoring. | 901 |
 ion-storm/sysmon-config | A configuration package for advanced system monitoring using Sysmon, designed to detect and alert on various threat activities and provide forensic visibility. | 780 |
 so87/cissp-study-guide | Study materials and tools for preparing for the CISSP security certification exam | 558 |
 usnistgov/macos_security | Provides automated security guidance and configuration settings for macOS systems. | 1,823 |
| trustedsec/coffloader | Tools and utilities for loading, testing, and analyzing malicious COFF files | 483 |
 aws/aws-sdk-php-symfony | A Symfony bundle for managing AWS services in PHP applications. | 349 |
 sektioneins/pcc | Automates checks for PHP configuration security vulnerabilities | 816 |
 jpcertcc/sysmonsearch | Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations. | 419 |
| ion-storm/sysmon-edr | A PowerShell-based EDR system with Sysmon integration to detect and respond to security threats. | 218 |
 ssllabs/research | Provides resources and guidance on configuring and assessing SSL/TLS settings for secure network communications | 2,169 |
| trustedsec/pplfaultdumpbof | Tools for analyzing PPLFault-related malware behavior on Windows 10 | 134 |