Automate-Sysmon
Introduction:
Increase your logging capabilities to improve your ability to detect threats and malicious activity on your systems.
Recommended reading material:
A list of scripts and tools this collection utilizes:
- Chocolatey - Only if you don't already have Sysmon in your local path
- SwiftOnSecurity/sysmon-config
- Microsoft Sysinternals - Sysmon
How to run the script
Automated Install:
iwr -useb 'https://simeononsecurity.ch/scripts/sosautomatesysmon.ps1'|iex
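The one-liner above executes whatever the server returns at that moment. As an added example (not part of the original repository), the same install can be done in two steps so the script can be read and pinned to a hash before it runs. The local file name, the `$expectedSha256` placeholder and the `Sysmon*` service-name pattern are assumptions.

```powershell
# Added example: download the installer to disk, inspect it, and only then
# execute it, instead of piping the download straight into Invoke-Expression.
$uri  = 'https://simeononsecurity.ch/scripts/sosautomatesysmon.ps1'  # URL from this page
$dest = Join-Path $env:TEMP 'sosautomatesysmon.ps1'                  # assumed local path

# Placeholder: set this to the SHA-256 of a copy you have already read and approved.
$expectedSha256 = '<SHA256-OF-REVIEWED-COPY>'

# Fetch the script without executing it.
Invoke-WebRequest -Uri $uri -UseBasicParsing -OutFile $dest

# Record what was actually downloaded.
$hash = (Get-FileHash -Path $dest -Algorithm SHA256).Hash
$sig  = Get-AuthenticodeSignature -FilePath $dest
Write-Host "Downloaded: $dest"
Write-Host "SHA256:     $hash"
Write-Host "Signature:  $($sig.Status)"   # informational; the script may be unsigned

if ($hash -eq $expectedSha256) {
    # Run exactly the bytes that were hashed, the same way the one-liner would.
    Get-Content -Path $dest -Raw | Invoke-Expression

    # Assumption: the Sysmon service is registered under its default name
    # (Sysmon or Sysmon64). Confirm it is present and running.
    Get-Service -Name 'Sysmon*' -ErrorAction SilentlyContinue |
        Format-Table Name, Status, StartType
}
else {
    Write-Warning "Hash does not match the reviewed copy. Script was NOT executed."
    Write-Warning "Review $dest, then update `$expectedSha256 if the change is expected."
}
```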
Manual Install:
If manually downloaded, the script must be launched from the directory containing all the files from the GitHub repository.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
Get-ChildItem -Recurse *.ps1 | Unblock-File
.\sos-automate-sysmon.ps1