Top Tweets for #SysmonForLinux
Excited for @hack_lu! In addition to my planned talk, I'll conduct a 90-min workshop to introduce Kunai: your new Linux threat-hunting tool (an alternative to #SysmonForLinux). See you there! More info: https://t.co/qv8hqFKC5y
If you are looking for a #SysmonForLinux alternative, or if you are just curious, take a look at kunai: https://t.co/LafBReqB4v
If you want to try the stuff out, there is a pre-compiled binary on GitHub: https://t.co/I8Mj8ZsXpj
#ebpf #linux #threathunting #dfir
It's been a while since I posted on my #SysmonForLinux-like project! It's because it takes a lot of time to develop; here is where I am.
Example: executing the dig command:
- we see an execve event with hashes
#ThreatHunting
1/6

I think I got bored waiting after #SysmonForLinux so I decided to start my own BPF based Linux monitoring project. Roadmap:
- shared object loading
- driver loading
- dns queries
- network connections
Tell me if you want other stuff for a first release!
#ThreatHunting

I 💖 what @cyb3rops did here with auditd 🙏
https://t.co/QFcrVI9CTl
and the extensions and additional tagging from @bfuzzy1 🚀 https://t.co/UUyIansvVT
Great examples to base #SysmonForLinux collection rules 🙏 I will start adding and testing those!
Thank you for sharing! 🍻
🚨 Experimenting with a @MITREattack based approach to manage our #Sysmon configs 🚀
Sharing our #SysmonForLinux configs first! Still a WIP, but would 💖 to get your feedback! 😎
All research and community driven! #MSTIC @russmcsec @jessen_kurien
https://t.co/Yhr7Wh2CUI

🚨 Learning how to install #Sysmon for Linux 🐧 & send security events to #AzureSentinel in a research lab environment!! 🧪 #MSTIC #Microsoft
📡 Sysmon (SysinternalsEBPF) -> Syslog -> SIEM 🚀
✅ Scripts
✅ ARM templates
✅ Sysmon configs and more..
https://t.co/juoMCueKU5
🚀 Any NEW fields on the schemas for #SysmonForLinux events compared to Windows🤔?
@Cyb3rPandaH used our #Sysmon for Windows & Linux data dictionaries in a python 🐍 script to answer that😎
✅ ParentUser (ProcessCreate)
✅ User (EID 5,9,11)
🖇️ Script: https://t.co/vO1mjtvGnw

@Cyb3rWard0g 🚨 Thanks to @Cyb3rPandaH , we updated our #Linux data dictionaries to keep up with the event schemas from #SysmonForLinux and share them with the community 🚀 I see some new fields names 🙊👀
https://t.co/SQtaKTgXYp
@OTR_Community
Hey everyone. Thanks for all the messages - it’s been great waking up in a different time zone to see them all. Hope you all find #sysmon #sysmonforlinux useful! #Sysinternals25 #Sysinternals #eBPF
@EricaZeli @olafhartong @markrussinovich @mxatone @Sysinternals @Cyb3rWard0g I should say, the major design decision for #sysmonforlinux was that you wouldn’t need to recompile your kernel or install symbols packages or limit yourself to BTF environments. I wrote the discovery code to work it out itself. It will need improving but the aim is there.