SysmonCommunityGuide
Sysmon config guide
A community-driven guide to configuring and using the Sysmon security monitoring tool
TrustedSec Sysinternals Sysmon Community Guide
1k stars
79 watching
164 forks
Language: CSS
Last commit: 6 months ago
Linked from 1 awesome list
Related projects:
Repository | Description | Stars |
---|---|---|
swiftonsecurity/sysmon-config | A template configuration file for Microsoft Sysinternals' Sysmon to monitor system changes with high-quality event tracing. | 4,810 |
neo23x0/sysmon-config | A comprehensive Sysmon configuration file template with default high-quality event tracing | 454 |
olafhartong/sysmon-modular | A repository of customizable Sysmon configuration modules for security analysis and threat hunting. | 2,664 |
mhaggis/sysmon-dfir | A curated collection of resources and tools for learning and implementing Microsoft Sysmon for incident detection, threat hunting, and endpoint security monitoring. | 899 |
ion-storm/sysmon-config | A configuration package for advanced system monitoring using Sysmon, designed to detect and alert on various threat activities and provide forensic visibility. | 775 |
so87/cissp-study-guide | Study materials and tools for preparing for the CISSP security certification exam | 555 |
usnistgov/macos_security | Provides automated security guidance and configuration settings for macOS systems. | 1,792 |
trustedsec/coffloader | Tools and utilities for loading, testing, and analyzing malicious COFF files | 471 |
aws/aws-sdk-php-symfony | A Symfony bundle for managing AWS services in PHP applications. | 351 |
sektioneins/pcc | Automates checks for PHP configuration security vulnerabilities | 814 |
jpcertcc/sysmonsearch | Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations. | 417 |
ion-storm/sysmon-edr | A PowerShell-based EDR system with Sysmon integration to detect and respond to security threats. | 218 |
ssllabs/research | Provides resources and guidance on configuring and assessing SSL/TLS settings for secure network communications | 2,167 |
trustedsec/pplfaultdumpbof | Tools for analyzing PPLFault-related malware behavior on Windows 10 | 133 |