Sysmon configuration file template with default high-quality event tracing
Updated Jul 3, 2024
A Linux version of the ProcDump Sysinternals tool
Utilities for Sysmon
Advanced Sysmon ATT&CK configuration focusing on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events with wide CVE coverage, and risk scoring of CVE, UEBA, forensic, and MITRE ATT&CK events.
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Various tools besides Msys2 that I've found useful to have available on Windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them should be moved or removed.
Secure delete files with right click. GUI for Sysinternals SDelete tool
AwesomeWallpaper plays videos, shows images and system info on your desktop wallpaper
A ProcMon-esque tool for monitoring Windows Kernel Drivers
Volatility Explorer Suite
A PowerShell script to prevent Sysmon from writing its events
A re-creation of SysInternals BGInfo that doesn't touch the desktop wallpaper.
Code from process of reversing Sysinternals Suite for educational purposes, with videos to associate them
Development repository for the sysinternals cookbook
Frontend for Handle viewer of Windows Sysinternals
This repository contains tools and utilities used for developers
See Your Trace Statements in Process Monitor!
Example in C of changing the current process PEB's address at runtime
A command line tool that sends its input data to a running procmon instance.