little-kawa

Pinned Repositories

EDRSilencer
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Language:C00
sigma
Generic Signature Format for SIEM Systems
Language:Python0 0 00
WindowsAdvancedAuditPolicyMap
The main purpose of this project is to establish an exhaustive map of the correspondence between Windows advanced audit policy settings and event ids.
9 2 00
EDRSilencer
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Language:C1.6k 20 15195
sigma
Main Sigma Rule Repository
Language:Python8.6k 345 6102.2k

little-kawa's Repositories

little-kawa/WindowsAdvancedAuditPolicyMap
The main purpose of this project is to establish an exhaustive map of the correspondence between Windows advanced audit policy settings and event ids.
9 2 00
little-kawa/EDRSilencer
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
Language:C00
little-kawa/sigma
Generic Signature Format for SIEM Systems
Language:Python0 0 00