This is a tool that allows you to offensively use YARA to apply a filter to the events being reported by windows event logging...
Search Results For - Sysmon
DeepBlueCLI – a PowerShell Module for Threat Hunting via Windows Event Logs Eric Conrad, Backshore Communications, LLC...
This project allows you to easily spin up Active Directory labs in Azure with domain-joined workstations, Windows Event...
Wireshark plugin to work with Event Tracing for Windows Microsoft Message Analyzer is being retired and its download packages were...
Pentest Cyber Range for a small Active Directory Domain. Automated templates for building your own Pentest/Red Team/Cyber Range in...
A tool to assess data quality, built on top of the awesome OSSEM project. Mission Answer the question: I want to start hunting...
These files contain configuration for producing EDR (endpoint detection and response) data in addition to standard system logs...
Grapl is an open source platform for Detection and Response (D&R). The position that Grapl takes is that Graphs provide a more...
MalwLess is an open source tool that allows you to simulate system compromise or attack behaviours without running processes or PoCs. The tool is designed to...
Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes...