Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/simeononsecurity/automate-sysmon
Automate Sysmon Deployment and Configuration
https://github.com/simeononsecurity/automate-sysmon
automation microsoft powershell
Last synced: about 2 months ago
JSON representation
Automate Sysmon Deployment and Configuration
- Host: GitHub
- URL: https://github.com/simeononsecurity/automate-sysmon
- Owner: simeononsecurity
- License: mit
- Created: 2021-05-12T03:07:22.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-07-26T23:09:05.000Z (5 months ago)
- Last Synced: 2024-08-13T07:06:42.184Z (4 months ago)
- Topics: automation, microsoft, powershell
- Language: PowerShell
- Homepage: https://simeononsecurity.com/github/Automate-Sysmon
- Size: 44.9 KB
- Stars: 16
- Watchers: 3
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
README
# Automate-Sysmon
[![Sponsor](https://img.shields.io/badge/Sponsor-Click%20Here-ff69b4)](https://github.com/sponsors/simeononsecurity) [![VirusTotal Scan](https://github.com/simeononsecurity/Automate-Sysmon/actions/workflows/virustotal.yml/badge.svg)](https://github.com/simeononsecurity/Automate-Sysmon/actions/workflows/virustotal.yml)
## Introduction:
Increase your logging abilities to further your ability to detect threats and malicious activity on your systems.
## Recommended reading material:
- [BHIS - Getting Started With Sysmon](https://www.blackhillsinfosec.com/getting-started-with-sysmon/)
- [olafhartong/sysmon-modular](https://github.com/olafhartong/sysmon-modular)
- [Malware Archaeology Cheat Sheets](https://www.malwarearchaeology.com/cheat-sheets)## A list of scripts and tools this collection utilizes:
- [Chocolatey](https://chocolatey.org/) - *Only if you don't already have Sysmon in your local path*
- [SwiftOnSecurity/sysmon-config](https://github.com/SwiftOnSecurity/sysmon-config)
- [Microsoft Sysinternals - Sysmon](https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon)## How to run the script
### Automated Install:
```powershell
iwr -useb 'https://simeononsecurity.ch/scripts/sosautomatesysmon.ps1'|iex
```### Manual Install:
If manually downloaded, the script must be launched from the directory containing all the files from the [GitHub Repository](https://github.com/simeononsecurity/Automate-Sysmon)
```powershell
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
Get-ChildItem -Recurse *.ps1 | Unblock-File
.\sos-automate-sysmon.ps1
```## [Learn more about Automating Sysmon Deployments](https://simeononsecurity.ch/github/Automate-Sysmon)
Explore the World of Cybersecurity
### Links:
- #### [github.com/simeononsecurity](https://github.com/simeononsecurity)
- #### [simeononsecurity.ch](https://simeononsecurity.ch)