| Category | URL |
|---|---|
| Andrea Fortuna | https://www.andreafortuna.org/2019/06/12/windows-security-event-logs-my-own-cheatsheet/ |
| Mike Lombardi | https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1511904841.pdf |
| NSA | https://github.com/nsacyber/Event-Forwarding-Guidance/tree/master/Events |
| Microsoft AD | https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor |
| SANS Forensics Guidance | https://isc.sans.edu/forums/diary/Windows+Events+log+for+IRForensics+Part+1/21493/ |
| Michael Gough | https://www.malwarearchaeology.com/cheat-sheets |
| Hunters Forge | https://github.com/hunters-forge/OSSEM/tree/master/attack_data_sources |
| JP-CERT | https://www.jpcert.or.jp/english/pub/sr/20170612ac-ir_research_en.pdf |
| ASD | https://www.cyber.gov.au/acsc/view-all-content/publications/windows-event-logging-and-forwarding |
| Splunk UBA | https://docs.splunk.com/Documentation/UBA/latest/GetDataIn/WindowsEvents |
| Sygnia Golden SAML | https://www.sygnia.co/golden-saml-advisory |
| JSCU-NL | https://github.com/JSCU-NL/logging-essentials |
| Michel de CREVOISIER | https://github.com/mdecrevoisier/EVTX-to-MITRE-Attack |