SwiftOnSecurity/sysmon-config
Sysmon configuration file template with default high-quality event tracing
4.74k stars, 1.7k forks
issues
SecurityProviders
#44
wolf0x
closed
5 years ago
1
Error with Sysmon v6.20 DTD prohibited
#43
ghost
closed
5 years ago
9
typo fixes
#42
Green-m
closed
5 years ago
0
Info sec serenity mc afee exceptions
#41
InfoSecSerenity
closed
6 years ago
1
Add Windows Trust registry keys to log
#40
mdunten
opened
6 years ago
0
Rename patch-3 back to sysmonconfig-export.xml
#39
allykzam
closed
7 years ago
1
added 2 registry persistence methods
#38
SwiftOnSecurity
closed
7 years ago
0
added fltmc.exe detection, minifilter driver mngr
#37
olafhartong
closed
7 years ago
0
added 2 registry persistence methods
#36
olafhartong
closed
7 years ago
0
adding Splunk and Splunk UF exclusions
#35
olafhartong
closed
6 years ago
1
errors in config
#34
johnmccash
closed
5 years ago
0
MITRE ATT&CK Persistence detections
#33
vector-sec
closed
7 years ago
0
Add ProcessAccess rules
#32
Green-m
closed
6 years ago
0
Added 2 TargetFilenames
#31
olafhartong
closed
7 years ago
0
typo fixes
#30
weslambert
closed
2 years ago
1
fix "uninsteresting" typo
#29
dougburks
closed
7 years ago
0
fix "proyx" typo
#28
dougburks
closed
7 years ago
0
When is it an AND and when is it an OR ?
#27
KaptainKool
closed
5 years ago
2
some ideas
#26
ceramicskate0
closed
6 years ago
0
Other persistence methods - SHIM, ServerLevelPluginDll
#25
Neo23x0
closed
3 years ago
1
Sysmon Event ID 7 : DLL (IMAGE) LOADED BY PROCESS not filtering
#24
jrwalzer
closed
7 years ago
6
Error: Incorrect XML configuration: sysmonconfig-export.xml
#23
Chickenfoster
closed
7 years ago
2
Merge pull request #1 from SwiftOnSecurity/master
#22
vector-sec
closed
7 years ago
1
TargetObect "HKLM\..." with condition"end with"
#21
ManfMert
closed
7 years ago
1
Removed duplicate, added new network rules
#20
Neo23x0
closed
7 years ago
1
Added powershell.exe network event monitoring
#19
Neo23x0
closed
7 years ago
0
Image exclusion is not working for FileCreate
#18
PetrPoleshko
closed
7 years ago
3
test
#17
SwiftOnSecurity
closed
7 years ago
0
Creating pull to review changes, will not be merging automatically
#16
SwiftOnSecurity
closed
7 years ago
0
Exclude Dashlane
#15
NotAwful
closed
7 years ago
0
NetworkConnect Exclusion Recommendation
#14
vector-sec
closed
5 years ago
1
Review destination hostname filters
#13
SwiftOnSecurity
closed
7 years ago
0
Powershell without Powershell Filters
#12
ion-storm
closed
7 years ago
2
NetworkConnect Recommendation
#11
vector-sec
closed
7 years ago
3
ipadress.com isnt malicious ipaddress.com is
#10
dweee
closed
7 years ago
0
Monitor network traffic to dynamic DNS domains
#9
daniel-gallagher
closed
7 years ago
2
excluded splunk in event id 1
#8
olafhartong
closed
7 years ago
0
Minor typo
#7
rmanly
closed
7 years ago
0
Typo?
#6
torgro
closed
7 years ago
1
Dropbox Updater
#5
Darkbat91
closed
7 years ago
3
Include .cmd files which can also be used by batch scripts
#4
Phorofor
closed
7 years ago
0
Extra semicolons prevent config import
#3
mmazanec
closed
7 years ago
0
close comments in McAfee Image section
#2
rpunt
closed
7 years ago
0
Addition of McAfee and Firefox
#1
Darkbat91
closed
7 years ago
0