sysmon-config
Here are 14 public repositories matching this topic...
Language:All
Sort:Most stars
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
- Updated
Nov 28, 2024
Sysmon and wazuh integration with Sigma sysmon rules [updated]
- Updated
Jul 21, 2021
Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
- Updated
Jul 10, 2024 - Batchfile
This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
- Updated
Jul 8, 2019 - Python
This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malware analysis. This can be used in production, however you might want to tune the GPO edits as needed.
- Updated
Feb 10, 2025 - PowerShell
Converts Sysmon rules to uberAgent ESA Threat Detection rules
- Updated
Aug 21, 2024 - C#
Utility to convert SysInternals' Sysmon binary configuration to XML
- Updated
Dec 3, 2023 - Python
Wixsharp based installed MSI for Sysmon and rules from the SwiftOnSecurity project
- Updated
May 26, 2021 - C#
The Granted Access Converter is a utility designed to help users understand and interpret the GrantedAccess values found in Sysmon Event ID 10 logs.
- Updated
Mar 31, 2023 - HTML
Ransomware focused Sysmon configuration file template with default high-quality event tracing
- Updated
Mar 1, 2021
- Updated
Nov 15, 2023
Improve this page
Add a description, image, and links to thesysmon-config topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with thesysmon-config topic, visit your repo's landing page and select "manage topics."