
russelltomkins / Project Sauron

Tools to create a Native Windows Audit Collection Platform. Active Directory example provided

Programming Languages

powershell


Welcome to Project Sauron

For an introduction to Project Sauron and a quick-start using a Domain Controller example, refer to the following blog post: https://blogs.technet.microsoft.com/russellt/2017/05/09/project-sauron-introduction/

The 4 core scripts can also be used to build your own solutions:

  Create-CustomView.ps1 - Creates a custom view tree that lets you easily extract specific events from the collected logs.
  Create-Manifest.ps1 - Creates an event channel manifest file for .dll compilation, defining dedicated event channels (logs) that store forwarded events in their own .evtx files.
  Prepare-EventChannel.ps1 - Enables the custom event channels, configures their default maximum size and enables auto-archive.
  Create-Subscriptions.ps1 - Creates the Windows Event Collection subscription files that forward events and store them in the appropriate log file.

Want to create your own?

  1. Create a CSV that defines the custom event channels and the XPath queries that feed them.
  2. Compile a new .manifest and .dll file that define the custom event channels from your master input CSV.
  3. Install the custom event channel .manifest and .dll on your Windows Event Collector using wevtutil.exe im <name.man> (im installs a manifest; um uninstalls it).
  4. Prepare the event channels: enable them, set their maximum size and turn on auto-archive.
  5. Create and import your WEC subscriptions from the master input CSV.
  6. Configure the forwarding machines (for example with the "Configure target Subscription Manager" Group Policy setting) to pull their subscriptions from the WEC server.
  7. Begin leveraging your new centralised event logs.
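The following script is an added illustration of the script descriptions and steps 1, 4 and 5 above; it is not Project Sauron's own code. It reads a master CSV, writes one source-initiated WEC subscription XML per row, and with -Apply prepares the destination channel (wevtutil sl) and registers the subscription (wecutil cs) on the collector. The CSV column names, the sample rows, the channel names (Sauron-ADDS/Authentication and Sauron-ADDS/AccountManagement) and the host name wec01.corp.example are all assumptions made for the example; the channels are assumed to exist already because the compiled manifest was installed with wevtutil.exe im.

```powershell
<#
Added example (not Project Sauron's own code). Covers steps 1, 4 and 5: read a master CSV,
write one source-initiated WEC subscription XML per row, and with -Apply prepare the
destination channel (wevtutil sl) and register the subscription (wecutil cs).
Assumptions: CSV columns ChannelName, SubscriptionName, Description, SourceLog, Query; the
channels already exist because the compiled manifest was installed (wevtutil im); the sample
rows below and the host name wec01.corp.example are constructed. Run elevated on the collector.
#>
[CmdletBinding()]
param(
    [string]$CsvPath,                                   # omit to use the constructed sample rows
    [string]$OutDir = (Join-Path (Get-Location) 'Subscriptions'),
    # SDDL naming the computers allowed to push events into this subscription. DC = Domain
    # Computers (the wecutil default). For a DC-only collector use the Domain Controllers group
    # instead, (A;;GA;;;S-1-5-21-<domain>-516), so a compromised workstation cannot inject events.
    [string]$AllowedSourceSddl = 'O:NSG:BAD:P(A;;GA;;;DC)S:',
    [long]$MaxLogBytes = 1GB,
    [switch]$Apply
)
$ErrorActionPreference = 'Stop'

# Constructed sample rows: one destination channel and one subscription per line.
$sampleCsv = @'
ChannelName,SubscriptionName,Description,SourceLog,Query
Sauron-ADDS/Authentication,Sauron-ADDS-Authentication,Kerberos and NTLM authentication on DCs,Security,*[System[(EventID=4768 or EventID=4769 or EventID=4771 or EventID=4776)]]
Sauron-ADDS/AccountManagement,Sauron-ADDS-AccountManagement,User and group changes on DCs,Security,*[System[(EventID=4720 or EventID=4726 or EventID=4728 or EventID=4732 or EventID=4756)]]
'@

function Invoke-Native {
    # Native tools do not throw on failure in Windows PowerShell; check the exit code ourselves.
    param([string]$Exe, [string[]]$ArgList)
    & $Exe @ArgList
    if ($LASTEXITCODE -ne 0) { throw "$Exe $($ArgList -join ' ') failed with exit code $LASTEXITCODE" }
}

function New-SubscriptionXml {
    param([pscustomobject]$Row, [string]$Sddl)
    # Text nodes are XML-escaped; the XPath itself lives inside CDATA so its brackets survive.
    $name = [System.Security.SecurityElement]::Escape($Row.SubscriptionName)
    $desc = [System.Security.SecurityElement]::Escape($Row.Description)
    $log  = [System.Security.SecurityElement]::Escape($Row.ChannelName)
@"
<Subscription xmlns="http://schemas.microsoft.com/2004/06/03/windows/events">
  <SubscriptionId>$name</SubscriptionId>
  <SubscriptionType>SourceInitiated</SubscriptionType>
  <Description>$desc</Description>
  <Enabled>true</Enabled>
  <Uri>http://schemas.microsoft.com/wbem/wsman/1/windows/EventLog</Uri>
  <ConfigurationMode>Custom</ConfigurationMode>
  <Delivery Mode="Push">
    <Batching><MaxLatencyTime>30000</MaxLatencyTime></Batching>
    <PushSettings><Heartbeat Interval="3600000"/></PushSettings>
  </Delivery>
  <Query><![CDATA[<QueryList><Query Id="0" Path="$($Row.SourceLog)"><Select Path="$($Row.SourceLog)">$($Row.Query)</Select></Query></QueryList>]]></Query>
  <ReadExistingEvents>false</ReadExistingEvents>
  <TransportName>HTTP</TransportName>
  <ContentFormat>RenderedText</ContentFormat>
  <Locale Language="en-US"/>
  <LogFile>$log</LogFile>
  <AllowedSourceNonDomainComputers></AllowedSourceNonDomainComputers>
  <AllowedSourceDomainComputers>$Sddl</AllowedSourceDomainComputers>
</Subscription>
"@
}

$rows = if ($CsvPath) { Import-Csv -Path $CsvPath } else { $sampleCsv | ConvertFrom-Csv }
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null
if ($Apply) { Invoke-Native wecutil.exe @('qc', '/q') }   # make sure the collector service is configured

foreach ($row in $rows) {
    $path = Join-Path $OutDir "$($row.SubscriptionName).xml"
    New-SubscriptionXml -Row $row -Sddl $AllowedSourceSddl | Set-Content -Path $path -Encoding UTF8
    Write-Host "Wrote $path"
    if (-not $Apply) { continue }

    if (-not (Get-WinEvent -ListLog $row.ChannelName -ErrorAction SilentlyContinue)) {
        throw "Channel '$($row.ChannelName)' does not exist; run wevtutil.exe im <name.man> first."
    }
    # Step 4: enable the channel, size it, and keep full logs (retention + autobackup) rather
    # than overwriting them; wevtutil only accepts autobackup when retention is also on.
    Invoke-Native wevtutil.exe @('sl', $row.ChannelName, '/e:true', "/ms:$MaxLogBytes", '/rt:true', '/ab:true')
    # Step 5: replace any existing subscription of the same name, then create it from the XML.
    if (wecutil.exe es | Where-Object { $_ -eq $row.SubscriptionName }) {
        Invoke-Native wecutil.exe @('ds', $row.SubscriptionName)
    }
    Invoke-Native wecutil.exe @('cs', $path)
}

# Step 6 happens on the forwarders, not here: point them at this collector with the Group Policy
# setting "Configure target Subscription Manager" (Computer Configuration > Administrative
# Templates > Windows Components > Event Forwarding), with a value such as
#   Server=http://wec01.corp.example:5985/wsman/SubscriptionManager/WEC,Refresh=60
# and grant the forwarder's NETWORK SERVICE read access to its Security log, or nothing arrives.
```

Without -Apply the script only writes the XML files, so you can diff them against what Create-Subscriptions.ps1 produces or check them into source control before touching the collector. The AllowedSourceDomainComputers SDDL is the access-control boundary of a source-initiated subscription: whatever it names can write into the destination channel, so narrow it to the group of machines the channel is actually meant for instead of leaving the Domain Computers default.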

Contribute

Got an idea for a new Channel/Subscription/View? Leave a comment on the repository.
