Updated Nov 15, 2023
sysmon-config
Here are 13 public repositories matching this topic...
The Granted Access Converter is a utility designed to help users understand and interpret the GrantedAccess values found in Sysmon Event ID 10 logs.
Updated Mar 31, 2023 - HTML
Wixsharp based installed MSI for Sysmon and rules from the SwiftOnSecurity project
Updated May 26, 2021 - C#
Ransomware focused Sysmon configuration file template with default high-quality event tracing
Updated Mar 1, 2021
Utility to convert SysInternals' Sysmon binary configuration to XML
Updated Dec 3, 2023 - Python
Converts Sysmon rules to uberAgent ESA Threat Detection rules
Updated Feb 7, 2024 - C#
This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might want to tune the GPO edits as needed.
Updated May 15, 2024 - PowerShell
This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
Updated Jul 8, 2019 - Python
Sysmon and wazuh integration with Sigma sysmon rules [updated]
Updated Jul 21, 2021
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Updated Sep 5, 2023 - HCL