sysmon topic
DuckSysEye
SysEye is a Windows threat response tool based on ATT&CK and modern EDR design principles. It effectively detects common unknown and known threats. A sharp sword for defenders.
SysmonConfigPusher
Pushes Sysmon Configs
SysmonResources
Consolidation of various resources related to Microsoft Sysmon & sample data/log
ossec-sysmon
A Ruleset to enhance detection capabilities of Ossec using Sysmon
sysmon-edr
Sysmon EDR POC built in PowerShell to demonstrate the capability.
SWELF
Simple Windows Event Log Forwarder (SWELF). An easy-to-use log forwarder and EVTX parser that simply works. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.
system-monitor
Qt based replacement for gnome system monitor
MuteSysmon
A PowerShell script to prevent Sysmon from writing its events
Universal-Winlogbeat-configuration
Universal Winlogbeat configuration
TA-Sysmon-deploy
Deploy and maintain Sysmon through the Splunk Deployment Server