Search Results for "sysmon"

This shell script prints short and uniform information about OS such as: CPU, RAM, OS name and version, kernel version, hostname, system load, current processes, network interfaces, total logged in users, hard disks, runlevel, etc. No root or any special superuser's rights are required. Runs under Linux, Android (Termux), Windows (Msys2 and Cygwin), FreeBSD, NetBSD, DragonFly BSD, OpenBSD and other Unix-like systems.

sysmon-modular is a community-driven repository that provides a modular, production-ready set of Sysmon configuration modules designed to be easily composed and tuned for different environments. The project organizes detection logic into per-event modules (for example, process creation, file create, network connection, registry events, image load, and many more) so operators can pick and choose which rules to enable without editing a monolithic XML by hand.

DeepBlueCLI is a PowerShell-centric threat-hunting toolkit built to extract, normalize, and flag suspicious activity from Windows event logs and Sysmon telemetry. It parses common sources—including Windows Security, System, Application, PowerShell logs, and Sysmon event ID 1—then applies a rich set of detection heuristics for things like suspicious account changes, password guessing and spraying, service tampering, PowerShell obfuscation and download-string usage, long or unusual command lines, and credential dumping attempts. ...

An application to inventory, provision, and maintain systems within an enterprise environment.

kimono is a network service monitor similar to sysmon. it aims to monitor services to such an extent that an administrator can be certain of its function, and in case of failure, alert in a number of ways. it stores all data in a SQL database.

Sysmon is a tool to monitorise the state of one or more computers. Its based on a daemon and a php script. The first has to be runned in all boxes you need to check, the second calls the daemon and prints the state into a nice web frontend.