threat-hunting-via-sysmon topic
ETWProcessMon2
283 stars, 67 forks
ETWProcessMon2 monitors Process/Thread/Memory/ImageLoad/TCPIP events via ETW, and adds detection of remote-thread injection and of in-memory payloads based on VirtualMemAlloc events, among other checks.
BEV4
16 stars, 5 forks
BasicEventViewer4 (BEV v4.0): code intended for blue and purple teams, providing real-time monitoring of Sysmon events and MITRE ATT&CK detections defined in YAML files.