Appendix resources for Intrinsec's "Amélioration des capacités de détection" handbook.
Repository contents (initial commit, Mar 16, 2018):

  • event-channels/
  • logpoint/
  • powershell/
  • splunk/
  • subscriptions/
  • sysmon/
  • .gitignore
  • LICENSE.txt
  • README.md

README.md
Intro

This repository holds appendix resources for Intrinsec's WEF (Windows Event Forwarding) implementation handbook 🇫🇷 (written in French).

Sections

  • event-channels: Manifest file and precompiled DLL for adding custom event channels to the Collector server, so forwarded events land in dedicated logs rather than all in ForwardedEvents.
  • logpoint: Configuration files for the WEF LogPoint integration.
  • powershell: Setup script for PowerShell transcription on source hosts.
  • splunk: Configuration files for the WEF Splunk integration.
  • subscriptions: Setup script and subscription templates for the Collector server.
  • sysmon: Setup script and configuration file for Sysmon.
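To show the shape of what the subscriptions, powershell and sysmon folders automate, here is an added PowerShell example. It is not a script from this repository or from the handbook; the subscription name, the SDDL, the ForwardedEvents target log (the handbook uses custom channels instead) and every file path are assumptions chosen for the example.

```powershell
# Added example (not from the Intrinsec repository): a minimal setup that
# mirrors what the "subscriptions", "powershell" and "sysmon" folders provide.
# Assumed values: the subscription name, the SDDL, and all paths below.
#Requires -RunAsAdministrator

function Install-WefSubscription {
    # Run on the Collector: enable the Windows Event Collector service and
    # register a source-initiated (push) subscription from an inline template.
    param(
        [string]$SubscriptionId = 'Sysmon-Events',                  # assumed name
        [string]$Channel = 'Microsoft-Windows-Sysmon/Operational',
        [string]$LogFile = 'ForwardedEvents'                        # handbook uses custom channels
    )

    # Quick-config the collector service (WecSvc) non-interactively.
    wecutil qc /q | Out-Null

    # Allow Domain Computers (DC) and Domain Controllers (DD) to forward events.
    $allowedSources = 'O:NSG:BAD:P(A;;GA;;;DC)(A;;GA;;;DD)'

    $template = @"
<Subscription xmlns="http://schemas.microsoft.com/2004/06/WindowsEventCollector">
  <SubscriptionId>$SubscriptionId</SubscriptionId>
  <SubscriptionType>SourceInitiated</SubscriptionType>
  <Description>Forward all Sysmon events to the collector</Description>
  <Enabled>true</Enabled>
  <ConfigurationMode>Custom</ConfigurationMode>
  <Delivery Mode="Push">
    <Batching><MaxLatencyTime>30000</MaxLatencyTime></Batching>
    <PushSettings><Heartbeat Interval="3600000"/></PushSettings>
  </Delivery>
  <Query><![CDATA[
    <QueryList><Query Id="0" Path="$Channel"><Select Path="$Channel">*</Select></Query></QueryList>
  ]]></Query>
  <ReadExistingEvents>false</ReadExistingEvents>
  <TransportName>HTTP</TransportName>
  <ContentFormat>RenderedText</ContentFormat>
  <Locale Language="en-US"/>
  <LogFile>$LogFile</LogFile>
  <AllowedSourceNonDomainComputers/>
  <AllowedSourceDomainComputers>$allowedSources</AllowedSourceDomainComputers>
</Subscription>
"@

    $path = Join-Path $env:TEMP "$SubscriptionId.xml"
    # wecutil reads the subscription from a file; write it without a byte-order mark.
    [IO.File]::WriteAllText($path, $template, [Text.UTF8Encoding]::new($false))
    wecutil cs $path                       # create the subscription
    wecutil ss $SubscriptionId /e:true     # make sure it is enabled
    Remove-Item $path
}

function Enable-PowerShellTranscription {
    # Run on the source host: turn on system-wide PowerShell transcription by
    # writing the same policy keys the Group Policy setting would write.
    param([string]$OutputDirectory = 'C:\Transcripts')   # assumed path
    $key = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\Transcription'
    New-Item -Path $key -Force | Out-Null
    Set-ItemProperty -Path $key -Name EnableTranscripting    -Value 1 -Type DWord
    Set-ItemProperty -Path $key -Name EnableInvocationHeader -Value 1 -Type DWord
    Set-ItemProperty -Path $key -Name OutputDirectory        -Value $OutputDirectory -Type String
    New-Item -ItemType Directory -Path $OutputDirectory -Force | Out-Null
}

function Install-Sysmon {
    # Run on the source host: install Sysmon with a configuration file, or
    # only push a new configuration if the service already exists.
    param(
        [string]$SysmonExe  = 'C:\Tools\Sysmon64.exe',       # assumed path
        [string]$ConfigFile = 'C:\Tools\sysmonconfig.xml'    # assumed path
    )
    if (Get-Service -Name Sysmon64 -ErrorAction SilentlyContinue) {
        & $SysmonExe -accepteula -c $ConfigFile   # -c: update the running config
    } else {
        & $SysmonExe -accepteula -i $ConfigFile   # -i: install with this config
    }
}

# Usage, on the Collector:      Install-WefSubscription
# Usage, on each source host:   Enable-PowerShellTranscription; Install-Sysmon
```

Two things the script deliberately leaves to policy, as the handbook does: source hosts still need the "Configure target Subscription Manager" setting pointing at the collector's WinRM endpoint, and the NETWORK SERVICE account must be able to read the channels being forwarded (on Sysmon's channel it is not a member of Event Log Readers by default), otherwise the subscription shows active sources but no events arrive.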

External resources

Permanent link to the latest version of Sysmon: https://download.sysinternals.com/files/Sysmon.zip

License

CC-BY-SA-4.0