Top Tweets for #sysmonforlinux
Excited for @hack_lu! In addition to my planned talk, I'll conduct a 90-min workshop to introduce Kunai: your new Linux threat-hunting tool (an alternative to #SysmonForLinux). See you there! More info: https://t.co/qv8hqFKC5y
If you are looking for a #SysmonForLinux alternative or if you are just curious! Take a look at kunai: https://t.co/LafBReqB4v
If you want to try the stuff out, there is a pre-compiled binary on GitHub: https://t.co/I8Mj8ZsXpj
#ebpf #linux #threathunting #dfir
It's been a while since I posted about my #SysmonForLinux kind of project! That's because it takes a lot of time to develop; here is where I am.
Example: executing the dig command:
- we see an execve event with hashes
#ThreatHunting
1/6

I think I got bored waiting after #SysmonForLinux so I decided to start my own BPF based Linux monitoring project. Roadmap:
- shared object loading
- driver loading
- dns queries
- network connections
Tell me if you want other stuff for a first release!
#ThreatHunting

I 💖 what @cyb3rops did here with auditd 🙏
https://t.co/QFcrVI9CTl
and the extensions and additional tagging from @bfuzzy1 🚀 https://t.co/UUyIansvVT
Great examples on which to base #SysmonForLinux collection rules 🙏 I will start adding and testing those!
Thank you for sharing! 🍻
🚨 Experimenting with a @MITREattack based approach to manage our #Sysmon configs 🚀
Sharing our #SysmonForLinux configs first! Still a WIP, but would 💖 to get your feedback! 😎
All research and community driven! #MSTIC @russmcsec @jessen_kurien
https://t.co/Yhr7Wh2CUI

🚨 Learning how to install #Sysmon for Linux 🐧 & send security events to #AzureSentinel in a research lab environment!! 🧪 #MSTIC #Microsoft
📡 Sysmon (SysinternalsEBPF) -> Syslog -> SIEM 🚀
✅ Scripts
✅ ARM templates
✅ Sysmon configs and more...
https://t.co/juoMCueKU5
🚀 Any NEW fields on the schemas for #SysmonForLinux events compared to Windows🤔?
@Cyb3rPandaH used our #Sysmon for Windows & Linux data dictionaries in a python 🐍 script to answer that😎
✅ ParentUser (ProcessCreate)
✅ User (EID 5,9,11)
🖇️ Script: https://t.co/vO1mjtvGnw

@Cyb3rWard0g 🚨 Thanks to @Cyb3rPandaH, we updated our #Linux data dictionaries to keep up with the event schemas from #SysmonForLinux and share them with the community 🚀 I see some new field names 🙊👀
https://t.co/SQtaKTgXYp
@OTR_Community
Hey everyone. Thanks for all the messages - it’s been great waking up in a different time zone to see them all. Hope you all find #sysmon #sysmonforlinux useful! #Sysinternals25 #Sysinternals #eBPF
@EricaZeli @olafhartong @markrussinovich @mxatone @Sysinternals @Cyb3rWard0g I should say, the major design decision for #sysmonforlinux was that you wouldn’t need to recompile your kernel or install symbols packages or limit yourself to BTF environments. I wrote the discovery code to work it out itself. It will need improving but the aim is there.