Found 167 repositories (showing 30)
SwiftOnSecurity
Sysmon configuration file template with default high-quality event tracing
edoardogerosa
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
darkoperator
PowerShell module for creating and managing Sysinternals Sysmon config files.
mkorman90
Detect possible sysmon logging bypasses given a specific configuration
LaresLLC
Pushes Sysmon Configs
sametsazak
Sysmon and wazuh integration with Sigma sysmon rules [updated]
0xAnalyst
Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
bobby-tablez
This script enhances endpoint logging telemetry for advanced malware threat detection, for building detections, or for malware analysis. It can be used in production, but you may want to tune the GPO edits as needed.
DearBytes
This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
Antonlovesdnb
Sysmon Config Pusher - Modernized
Infinit3i
Import and export custom Sysmon configurations using an interactive GUI that lets you build event rules, manage filters, and generate clean XML configs without manually editing Sysmon files.
j91321
Ansible role for installing Sysmon with popular config files included.
paolokappa
Comprehensive Sysmon configuration file (sysmon_config.xml) specifically designed for integration with Wazuh SIEM. The configuration is optimized to detect and monitor security-relevant events based on MITRE ATT&CK framework techniques.
bakedmuffinman
No description available
deep-security
No description available
bananagobananza
A web application dedicated to writing Sysmon configuration files
padfoot999
https://github.com/Swiftonsecurity/sysmon-config
gavz
Just another sysmon config
bobby-tablez
Sysmon Config for Linux
Plainbit
Sysmon configuration for detecting and analyzing cyber threats
Infinit3i
Detection Wizard brings YARA, Suricata, Sigma, Sysmon, QRadar, Splunk, and IOCs into one powerful interface for rule management and threat detection.
thejanit0r
Utility to convert SysInternals' Sysmon binary configuration to XML
0xrawsec
Sysmon Configuration Files
Sysmon configuration to collect all the logs needed for forensics: almost everything except the most common DLLs.
vastlimits
Converts Sysmon rules to uberAgent ESA Threat Detection rules
ToolsHive
A cutting-edge, real-time security monitoring system, designed to revolutionize your network's defense
pcsg-community
No description available
defensivedepth
Project to convert Sysmon config filters to Elastic Agent - Defend Integration filters
yukh1402
The Granted Access Converter is a utility designed to help users understand and interpret the GrantedAccess values found in Sysmon Event ID 10 logs.
jakawal
Sysmon configuration file