Project Name	Stars	Packages Using This	Most Recent Commit	Total Releases	Latest Release	Open Issues	License	Language
Detectionlab	4,486		a year ago			31	mit	HTML
Automate the creation of a lab environment complete with security tooling and logging best practices
Threathunter Playbook	3,826		2 months ago			5	mit	Python
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
Sysmon Modular	2,364		5 months ago			37	mit	PowerShell
A repository of sysmon configuration modules
Whids	921		a year ago	21	August 08, 2022	17	agpl-3.0	Go
Open Source EDR for Windows
Cyberthreathunting	755		5 months ago				gpl-3.0	Python
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
Sysmon Config	529		5 years ago			n,ull		Batchfile
Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
Enablewindowslogsettings	343		7 months ago			1	gpl-3.0	Batchfile
Documentation and scripts to properly enable Windows event logs.
Detectionlabelk	299		3 years ago				mit	PowerShell
DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
Malwless	244		a year ago			2	gpl-3.0	C#
Test Blue Team detections without running any attack.
Gene	149	1	5 months ago	33	June 02, 2022	1	gpl-3.0	Go
Signature engine for all your logs

Alternatives To Ossec Sysmon

Select To Compare

Detectionlab ⭐ 4,486

Automate the creation of a lab environment complete with security tooling and logging best practices

most recent commit a year ago

Threathunter Playbook ⭐ 3,826

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

most recent commit 2 months ago

Sysmon Modular ⭐ 2,364

A repository of sysmon configuration modules

most recent commit 5 months ago

Whids ⭐ 921

Open Source EDR for Windows

total releases 21most recent commit a year ago

Cyberthreathunting ⭐ 755

A collection of resources for Threat Hunters - Sponsored by Falcon Guard

most recent commit 5 months ago

Sysmon Config ⭐ 529

Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing

most recent commit 5 years ago

Enablewindowslogsettings ⭐ 343

Documentation and scripts to properly enable Windows event logs.

most recent commit 7 months ago

Detectionlabelk ⭐ 299

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

most recent commit 3 years ago

Malwless ⭐ 244

Test Blue Team detections without running any attack.

most recent commit a year ago

Gene ⭐ 149

Signature engine for all your logs

dependent packages 1total releases 33most recent commit 5 months ago

Suggest An Alternative To ossec-sysmon

Alternative Project Comparisons

Ossec Sysmon vs Detectionlab

Ossec Sysmon vs Threathunter Playbook

Ossec Sysmon vs Sysmon Modular

Ossec Sysmon vs Whids

Ossec Sysmon vs Cyberthreathunting

Ossec Sysmon vs Sysmon Config

Ossec Sysmon vs Enablewindowslogsettings

Ossec Sysmon vs Detectionlabelk

Ossec Sysmon vs Malwless

Ossec Sysmon vs Gene

Popular Sysmon Projects

Sigma ⭐ 7,542

Main Sigma Rule Repository

dependent packages 2total releases 35latest release January 13, 2019most recent commit 7 days ago

Windowsspyblocker ⭐ 3,920

Block spying and tracking on Windows

most recent commit a year ago

Attack_range ⭐ 1,874

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

most recent commit 3 months ago

Sysmontools ⭐ 1,405

Utilities for Sysmon

most recent commit 7 months ago

Sentinel Attack ⭐ 1,038

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

most recent commit 7 months ago

Popular Dfir Projects

H4cker ⭐ 15,693

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.

most recent commit 3 months ago

My Arsenal Of Aws Security Tools ⭐ 8,549

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

most recent commit 3 months ago

Awesome Incident Response ⭐ 6,852

A curated list of tools for incident response

most recent commit 3 months ago

Lolbas ⭐ 6,294

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

most recent commit 3 months ago

Zeek ⭐ 5,731

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

most recent commit 3 months ago

Popular Security Categories