Sam Novak's starred repositories
sysmon-config
Sysmon configuration file template with default high-quality event tracing
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
elastalert2
ElastAlert 2 is a continuation of the original yelp/elastalert project. Pull requests are appreciated!
sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
fetch-installer-pkg
A tool to download a pkg installer for the Install macOS Big Sur app from Apple's softwareupdate servers
fio_scripts
scripts for running fio, parsing the data and graphing the output
LAPSforMac
Local Administrator Password Solution for Mac
logCollection
Script to upload client device logs to Jamf Pro
macAdminTools
Tools for the MacAdmin
LAPS4LINUX
Local Administrator Password Solution (LAPS) - implementation for Linux, macOS and Windows with additional features
ILO2-Standalone-Remote-Console
ILO2 Remote Console as Standalone version
Automatic-Secure-Token-Granting-Workflow
This workflow allows for the automatic granting of secure tokens to the Jamf Pro assigned user on a machine, utilizing a known SecureToken-enabled administrator account, to enable a complete hands-off FV2 management workflow.
Filevault-Reissue
This application prompts end users for username and password to automatically reissue a recovery key.
atc-mitigation
Actionable analytics designed to combat threats based on MITRE's ATT&CK.
wec_pepped
Pep up your Windows Event Collector (WEC) for Windows Event Forwarding (WEF)
HPEIMCUtils
Collection of Utilities and Templates to extend HPE's Intelligent Management Center NMS Platform
ActivateOATHTokensInBulkAzure
Activate OATH tokens in batches within Azure
sentinel-attack
Repository of sentinel alerts and hunting queries leveraging sysmon and the MITRE ATT&CK framework
autopkg-recipes
Recipes created for use with Autopkg.