A Microsoft Sysinternals Sysmon configuration file template with default high-quality event tracing, serving as a great starting point for system change monitoring. This file, with detailed comments and explanations, also acts as a tutorial for Sysmon and a guide to critical monitoring areas in Windows systems.
A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.
A framework for accumulating, describing, and classifying actionable Incident Response techniques.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
Scripts to quickly fix security and compliance issues.
Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.
Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel trigger.