sysmon – PentestTools

DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs

DeepBlueCLI – PowerShell Module for Threat Hunting via Windows Event Logs

November 7, 2020

[sc name=”ad_1″] DeepBlueCLI – a PowerShell Module for Threat Hunting via Windows Event Logs Eric Conrad, Backshore Communications, LLC...

System Administration

Adaz – Automatically Deploy Customizable Active Directory Labs In Azure

November 5, 2020

Add Comment

[sc name=”ad_1″] This project allows you to easily spin up Active Directory labs in Azure with domain-joined workstations, Windows Event...

Tylium - Primary Data Pipelines For Intrusion Detection, Security Analytics And Threat Hunting

Security Tools

Tylium – Data for Intrusion Detection, Security Analytics and Threat Hunting

October 14, 2019

Add Comment

[sc name=”ad_1″] These files contain configuration for producing EDR (endpoint detection and response) data in addition to standard system logs...

Vulnerability Analysis

MalwLess – Test Blue Team Detections Without Running Any Attack

October 30, 2018

Add Comment

MalwLess is an open source tool that allows you to simulate system compromise or attack behaviours without running processes or PoCs. The tool is designed to...

System Administration

Sigma – Generic Signature Format for SIEM Systems

February 7, 2018

Add Comment

Sigma is a generic and open signature format that allows you to describe relevant log events in a straight forward manner. The rule format is very flexible...

Tag - sysmon

DeepBlueCLI – PowerShell Module for Threat Hunting via Windows Event Logs

Adaz – Automatically Deploy Customizable Active Directory Labs In Azure

Tylium – Data for Intrusion Detection, Security Analytics and Threat Hunting

MalwLess – Test Blue Team Detections Without Running Any Attack

Sigma – Generic Signature Format for SIEM Systems

Topics