{"id":14064396,"url":"https://github.com/simeononsecurity/Automate-Sysmon","last_synced_at":"2025-07-29T18:32:09.872Z","repository":{"id":110917235,"uuid":"366577044","full_name":"simeononsecurity/Automate-Sysmon","owner":"simeononsecurity","description":"Automate Sysmon Deployment and Configuration","archived":false,"fork":false,"pushed_at":"2024-07-26T23:09:05.000Z","size":46,"stargazers_count":16,"open_issues_count":0,"forks_count":3,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-07-27T00:24:53.541Z","etag":null,"topics":["automation","microsoft","powershell"],"latest_commit_sha":null,"homepage":"https://simeononsecurity.com/github/Automate-Sysmon","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/simeononsecurity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["simeononsecurity"],"custom":["https://simeononsecurity.com","https://simeononsecurity.com/recommendhome","https://simeononsecurity.com/affiliate","https://twitter.com/simeonsecurity","https://discord.io/cybersentinels"]}},"created_at":"2021-05-12T03:07:22.000Z","updated_at":"2024-07-26T23:09:08.000Z","dependencies_parsed_at":"2024-05-27T22:00:17.024Z","dependency_job_id":"c23842ba-bc4b-424a-9dea-e35e46f65b2e","html_url":"https://github.com/simeononsecurity/Automate-Sysmon","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2FAutomate-Sysmon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2FAutomate-Sysmon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2FAutomate-Sysmon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/simeononsecurity%2FAutomate-Sysmon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/simeononsecurity","download_url":"https://codeload.github.com/simeononsecurity/Automate-Sysmon/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":215155110,"owners_count":15836917,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","microsoft","powershell"],"created_at":"2024-08-13T07:03:50.822Z","updated_at":"2024-08-13T07:06:41.712Z","avatar_url":"https://github.com/simeononsecurity.png","language":"PowerShell","funding_links":["https://github.com/sponsors/simeononsecurity","https://simeononsecurity.com","https://simeononsecurity.com/recommendhome","https://simeononsecurity.com/affiliate","https://twitter.com/simeonsecurity","https://discord.io/cybersentinels"],"categories":["PowerShell"],"sub_categories":[],"readme":"# Automate-Sysmon\n\n [![Sponsor](https://img.shields.io/badge/Sponsor-Click%20Here-ff69b4)](https://github.com/sponsors/simeononsecurity) [![VirusTotal Scan](https://github.com/simeononsecurity/Automate-Sysmon/actions/workflows/virustotal.yml/badge.svg)](https://github.com/simeononsecurity/Automate-Sysmon/actions/workflows/virustotal.yml)\n\n## Introduction:\n\nIncrease your logging abilities to further your ability to detect threats and malicious activity on your systems.\n\n## Recommended reading material:\n\n- [BHIS - Getting Started With Sysmon](https://www.blackhillsinfosec.com/getting-started-with-sysmon/)\n- [olafhartong/sysmon-modular](https://github.com/olafhartong/sysmon-modular)\n- [Malware Archaeology Cheat Sheets](https://www.malwarearchaeology.com/cheat-sheets)\n\n## A list of scripts and tools this collection utilizes:\n\n- [Chocolatey](https://chocolatey.org/) - *Only if you don't already have Sysmon in your local path*\n- [SwiftOnSecurity/sysmon-config](https://github.com/SwiftOnSecurity/sysmon-config)\n- [Microsoft Sysinternals - Sysmon](https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon)\n\n## How to run the script\n\n### Automated Install:\n```powershell\niwr -useb 'https://simeononsecurity.ch/scripts/sosautomatesysmon.ps1'|iex\n```\n\n### Manual Install:\n\nIf manually downloaded, the script must be launched from the directory containing all the files from the [GitHub Repository](https://github.com/simeononsecurity/Automate-Sysmon)\n\n```powershell\nSet-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force\nGet-ChildItem -Recurse *.ps1 | Unblock-File\n.\\sos-automate-sysmon.ps1\n```\n\n\n## [Learn more about Automating Sysmon Deployments](https://simeononsecurity.ch/github/Automate-Sysmon)\n\u003ca href=\"https://simeononsecurity.ch\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\n  \u003ch2\u003eExplore the World of Cybersecurity\u003c/h2\u003e\n\u003c/a\u003e\n\u003ca href=\"https://simeononsecurity.ch\" target=\"_blank\" rel=\"noopener noreferrer\"\u003e\n  \u003cimg src=\"https://simeononsecurity.ch/img/banner.png\" alt=\"SimeonOnSecurity Logo\" width=\"300\" height=\"300\"\u003e\n\u003c/a\u003e\n\n### Links:\n- #### [github.com/simeononsecurity](https://github.com/simeononsecurity)\n- #### [simeononsecurity.ch](https://simeononsecurity.ch)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimeononsecurity%2FAutomate-Sysmon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsimeononsecurity%2FAutomate-Sysmon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsimeononsecurity%2FAutomate-Sysmon/lists"}