awesome-event-ids
github.com/stuhli/awesome-event-ids
Collection of Event ID resources useful for Digital Forensics and Incident Response
GitHub Stars: 656
Curated Resources: 60
Categories: 2
Last Refreshed: 6 hours ago
Resources
- Antivirus Event Analysis Cheat Sheet (Event ID analysis)
Antivirus Event Analysis Cheat Sheet.
- Attack and Defense Around PowerShell Event Logging (Event ID analysis)
PowerShell logging deep dive from different perspectives by Mina Hao.
- Audit Policy Recommendations (Event ID configuration and monitoring suggestions)
Audit Policy Recommendations by Microsoft.
- Command line Process Auditing (Event ID configuration and monitoring suggestions)
Enable event ID 4688 with the command line included.
- Configuration by olafhartong (Event ID configuration and monitoring suggestions)
A repository of Sysmon configuration modules.
- Configuration by SwiftOnSecurity (Event ID configuration and monitoring suggestions)
Same as above, with all PR.
Showing a sample of 60 resources. View the full list on GitHub →