sysmon topic
iMonitorSDK
System monitoring development kit (sysmon, procmon, EDR, endpoint security, host security, zero trust, internet access behavior management, sandbox)
Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
MalwLess
Test Blue Team detections without running any attack.
attack_monitor
Endpoint detection & Malware analysis software
sysmon-dfir
Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
SysmonSearch
Investigate suspicious activity by visualizing Sysmon's event log
windows_event_logging
Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
gene
Signature engine for all your logs
SysmonQuiet
RDLL for Cobalt Strike beacon to silence sysmon process