
sysmon-config

Free

A Microsoft Sysinternals Sysmon configuration file template with high-quality default event tracing, a solid starting point for monitoring system changes. The file's detailed comments and explanations also make it a Sysmon tutorial and a guide to the monitoring areas that matter most on Windows systems.
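To show what such a template is made of, here is a minimal Sysmon configuration written as an added example for this page; it is not the sysmon-config template itself nor any Sysinternals-supplied file. The schema version, the excluded Defender image path and the chosen rules are assumptions for illustration: the real template carries far more rules and per-rule commentary. The key point it demonstrates is the two filtering modes: a rule group with onmatch="exclude" logs every event of that type except the listed matches, while onmatch="include" logs only the listed matches (and an include group with no matching entry logs nothing for that event type).

```xml
<!-- Added example, not the sysmon-config template. The schemaversion value is
     an assumption; confirm the version your Sysmon binary expects with
     "sysmon64.exe -s", which prints the supported configuration schema. -->
<Sysmon schemaversion="4.90">
  <!-- Hash algorithm recorded in process-creation and driver/image events. -->
  <HashAlgorithms>sha256</HashAlgorithms>
  <EventFiltering>

    <!-- Event ID 1, process creation. onmatch="exclude": log every process
         start except the listed noise. The Defender engine path below is a
         hypothetical exclusion chosen for illustration. -->
    <RuleGroup name="" groupRelation="or">
      <ProcessCreate onmatch="exclude">
        <Image condition="is">C:\Program Files\Windows Defender\MsMpEng.exe</Image>
      </ProcessCreate>
    </RuleGroup>

    <!-- Event ID 3, network connection. onmatch="include": log only
         connections made by the listed scripting hosts, which are rarely
         expected to talk to the network on a workstation. -->
    <RuleGroup name="" groupRelation="or">
      <NetworkConnect onmatch="include">
        <Image condition="end with">powershell.exe</Image>
        <Image condition="end with">wscript.exe</Image>
        <Image condition="end with">cscript.exe</Image>
      </NetworkConnect>
    </RuleGroup>

    <!-- Event ID 11, file creation. onmatch="include": log writes into the
         per-user Startup folder, a common persistence location. -->
    <RuleGroup name="" groupRelation="or">
      <FileCreate onmatch="include">
        <TargetFilename condition="contains">\Start Menu\Programs\Startup\</TargetFilename>
      </FileCreate>
    </RuleGroup>

  </EventFiltering>
</Sysmon>
```

Install it with `sysmon64.exe -accepteula -i sysmonconfig.xml` and push later changes with `sysmon64.exe -c sysmonconfig.xml`; events land in the Microsoft-Windows-Sysmon/Operational channel. When extending a template like this, review every include group against a few days of real telemetry: an overly narrow include silently drops the activity you most wanted, and an overly broad exclude hides it.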


ALTERNATIVES

Scalable, cost-effective application recovery to AWS.

A collaborative and open-source incident response platform for sharing observables among analysts.

Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.

Open-source security automation platform for automating security alerts and building AI-assisted workflows.

A DFIR Playbook Spec based on YAML for collaborative incident response processes.


Incident response framework focused on remote live forensics

A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
