Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/simeononsecurity/automate-sysmon

Automate Sysmon Deployment and Configuration
https://github.com/simeononsecurity/automate-sysmon

automation microsoft powershell

Last synced: about 2 months ago
JSON representation

Automate Sysmon Deployment and Configuration

Awesome Lists containing this project

README

        

# Automate-Sysmon

[![Sponsor](https://img.shields.io/badge/Sponsor-Click%20Here-ff69b4)](https://github.com/sponsors/simeononsecurity) [![VirusTotal Scan](https://github.com/simeononsecurity/Automate-Sysmon/actions/workflows/virustotal.yml/badge.svg)](https://github.com/simeononsecurity/Automate-Sysmon/actions/workflows/virustotal.yml)

## Introduction:

Increase your logging abilities to further your ability to detect threats and malicious activity on your systems.

## Recommended reading material:

- [BHIS - Getting Started With Sysmon](https://www.blackhillsinfosec.com/getting-started-with-sysmon/)
- [olafhartong/sysmon-modular](https://github.com/olafhartong/sysmon-modular)
- [Malware Archaeology Cheat Sheets](https://www.malwarearchaeology.com/cheat-sheets)

## A list of scripts and tools this collection utilizes:

- [Chocolatey](https://chocolatey.org/) - *Only if you don't already have Sysmon in your local path*
- [SwiftOnSecurity/sysmon-config](https://github.com/SwiftOnSecurity/sysmon-config)
- [Microsoft Sysinternals - Sysmon](https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon)

## How to run the script

### Automated Install:
```powershell
iwr -useb 'https://simeononsecurity.ch/scripts/sosautomatesysmon.ps1'|iex
```

### Manual Install:

If manually downloaded, the script must be launched from the directory containing all the files from the [GitHub Repository](https://github.com/simeononsecurity/Automate-Sysmon)

```powershell
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
Get-ChildItem -Recurse *.ps1 | Unblock-File
.\sos-automate-sysmon.ps1
```

## [Learn more about Automating Sysmon Deployments](https://simeononsecurity.ch/github/Automate-Sysmon)

 

Explore the World of Cybersecurity




  SimeonOnSecurity Logo

### Links:
- #### [github.com/simeononsecurity](https://github.com/simeononsecurity)
- #### [simeononsecurity.ch](https://simeononsecurity.ch)