CRWD-HBFW is a lightweight PowerShell module that helps you debug and analyze the Windows Filtering Platform in the context of the CrowdStrike Falcon HostBased Firewall. CrowdStrike Falcon's ...
HelloWorld module: Add a "greeting: hello, world!" field into Sysmon event logs. Psdecode module: Decode PowerShell's -EncodedCommand (-enc) args, split the decoded args and add them into Sysmon event ...