A repository of sysmon configuration modules

A repository of Sysmon For Linux configuration modules

"A modular framework for advanced EDR evasion on Windows x64, featuring dynamic syscalls, AES encryption, and process hollowing. 85% evasion rate against Sysmon."

No description available

Modular zsh configuration with expressive prompt, iTerm2 dev workspace (devterm), system monitoring (sysmon), and auto-dependency management. macOS-first, Linux-compatible.

YARA→Sigma converter V1 & V2 : modular engine with web UI & CLI; pipelines for Sysmon/WinSec; outputs queries for Elastic, Splunk, Sentinel, QRadar & more.

No description available

A repository of sysmon configuration modules

No description available

No description available

No description available

No description available

sysmon modular testing

No description available

Differents sysmon config, inspirede by sysmon modular projet

Sysmon v15.15 on Windows Server 2022 using Olaf Hartong’s sysmon-modular config; validated Event IDs 1/3/11 and prepped for SIEM

A modular, end-to-end analytics pipeline for behavioral detection, drift analysis, and triage using Windows Sysmon telemetry.

A modular, end-to-end analytics pipeline for behavioral detection, drift analysis, and triage using Windows Sysmon telemetry.

SysmonGuard is a modular and production-ready PowerShell tool designed for enterprise environments. It automates the installation, configuration, and uninstallation of Sysmon on Windows clients using best practices.

This is a research project aimed at improving the detection and attribution capabilities of the the prior ADAPT models. It uses Atomic Red Tea (ART) for threat emulation and sysmon-modular for detection. The primary detection parameter is the MITRE ATT&CK Technique ID.