sysmon-config VS ThreatHunting-Keywords

Compare sysmon-config vs ThreatHunting-Keywords and see what are their differences.

sysmon-config

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)
Sysmon Threatintel threat-hunting Netsec sysinternals Logging Graylog graylog-plugin Dfir threat-intelligence threat-sharing threat-analysis mitre-attack digitalforensics forensic-analysis forensicartifacts Forensics Siem sigma-rules humio
Source Code
Suggest alternative
Edit details

ThreatHunting-Keywords

Awesome list of keywords and artifacts for Threat Hunting sessions (by mthcht)
awesome-list Blueteam detection-engineering endpoint-security iocs keyword-extraction Keywords network-analysis offensive-scripts offensive-security Redteam Siem soc Splunk threat-hunting threat-intelligence threathunting Tools
Source Code
mthcht.github.io
Suggest alternative
Edit details
WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors
sysmon-config ThreatHunting-Keywords
1 1
749 337
- -
7.2 9.4
6 months ago 7 days ago
PowerShell HTML
GNU Lesser General Public License v3.0 only MIT License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

sysmon-config

Posts with mentions or reviews of sysmon-config. We have used some of these posts to build our list of alternatives and similar projects.

ThreatHunting-Keywords

Posts with mentions or reviews of ThreatHunting-Keywords. We have used some of these posts to build our list of alternatives and similar projects.

What are some alternatives?

When comparing sysmon-config and ThreatHunting-Keywords you can also consider the following projects:

ThreatIngestor - Extract and aggregate threat intelligence.

reversinglabs-siem-rules - A collection of various SIEM rules relating to malware family groups.

SysmonTools - Utilities for Sysmon

awesome-lists - Security lists for SOC detections

yeti - Your Everyday Threat Intelligence

Purpleteam - Purpleteam scripts simulation & Detection - trigger events for SOC detections

sysmon-modular - A repository of sysmon configuration modules

MurMurHash - This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

cowrie - Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

DFIRMindMaps - A repository of DFIR-related Mind Maps geared towards the visual learners!

MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform

sysmon-config - Sysmon configuration file template with default high-quality event tracing

sysmon-config vs ThreatIngestor ThreatHunting-Keywords vs reversinglabs-siem-rules sysmon-config vs SysmonTools ThreatHunting-Keywords vs awesome-lists sysmon-config vs yeti ThreatHunting-Keywords vs Purpleteam sysmon-config vs sysmon-modular ThreatHunting-Keywords vs MurMurHash sysmon-config vs cowrie sysmon-config vs DFIRMindMaps sysmon-config vs MISP sysmon-config vs sysmon-config