Sysmon

Open-source projects categorized as Sysmon

Top 15 Sysmon Open-Source Projects

  • sigma

    Main Sigma Rule Repository

  • sysmon-config

    Sysmon configuration file template with default high-quality event tracing

    Project mention: Software Hardening Tools for System Defense | dev.to | 2024-04-30

    cd c:\sysmon
    git clone https://github.com/SwiftOnSecurity/sysmon-config
    sysmon -accepteula -i sysmon-config/sysmon-config.xml

  • DetectionLab

    Automate the creation of a lab environment complete with security tooling and logging best practices

  • WindowsSpyBlocker

    Block spying and tracking on Windows

    Project mention: Scripts to build a trimmed-down Windows 11 image | news.ycombinator.com | 2024-04-25
  • ThreatHunter-Playbook

    A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

  • sysmon-modular

    A repository of sysmon configuration modules

  • SysmonTools

    Utilities for Sysmon

  • whids

    Open Source EDR for Windows

  • sysmon-config

    Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)

  • Zircolite

    A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

  • EnableWindowsLogSettings

    Documentation and scripts to properly enable Windows event logs.

  • iMonitorSDK

    The world's most powerful System Activity Monitor Engine · A powerful endpoint behaviour collection and defence development kit, intended to help endpoint security software such as EDR, zero-trust, data security and audit/control products implement their features quickly without having to handle the development, maintenance and compatibility of low-level drivers, so they can focus on business development

  • Shhmon

    Neutering Sysmon via driver unload

  • SysmonConfigPusher

    Pushes Sysmon Configs

  • sysmon

    Sysmon and wazuh integration with Sigma sysmon rules [updated] (by sametsazak)

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Sysmon related posts

  • Software Hardening Tools for System Defense

    1 project | dev.to | 30 Apr 2024
  • Troubleshooting Intermittent Slowness on Network Share

    1 project | /r/msp | 7 Jul 2023
  • Sysmon 15.0 is out now with advanced features

    2 projects | /r/sysadmin | 29 Jun 2023
  • Sysmon not reading our config.xml-file

    1 project | /r/sysadmin | 21 Jun 2023
  • SysmonConfigPusher: Pushes Sysmon Configs - 2 years old, but wasn't included at the time

    1 project | /r/blueteamsec | 11 Jun 2023
  • Cheap, Fast, Good and Simple Remote Monitoring for Small Environments

    1 project | /r/msp | 31 May 2023
  • How do you actually threat hunt?

    3 projects | /r/cybersecurity | 30 May 2023

Index

What are some of the best open-source Sysmon projects? This list will help you:

Rank Project Stars
1 sigma 8,414
2 sysmon-config 4,819
3 DetectionLab 4,654
4 WindowsSpyBlocker 4,659
5 ThreatHunter-Playbook 4,037
6 sysmon-modular 2,669
7 SysmonTools 1,489
8 whids 1,151
9 sysmon-config 773
10 Zircolite 682
11 EnableWindowsLogSettings 531
12 iMonitorSDK 343
13 Shhmon 221
14 SysmonConfigPusher 89
15 sysmon 61
