Main Sigma Rule Repository
Sysmon configuration file template with default high-quality event tracing
Automate the creation of a lab environment complete with security toolin...
Block spying and tracking on Windows
A community-driven, open-source project to share detection logic, advers...
A repository of sysmon configuration modules
Utilities for Sysmon
Open Source EDR for Windows
Tools to rapidly deploy a threat hunting capability on Azure Sentinel th...
Sources, configuration and how to detect evil things utilizing Microsoft...
Documentation and scripts to properly enable Windows event logs.
Investigate suspicious activity by visualizing Sysmon's event log
戎码之眼 is a Windows threat monitoring tool based on the ATT&CK model. Effectively detects common unknown...
System monitoring development kit (sysmon, procmon, edr, endpoint security, host security, zero trust, internet access...
Test Blue Team detections without running any attack.