Skip to content

conway87/HEG-BeefEater

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
HEG
HEG
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

BeefEater

BeefEater is a double downed version of HEG. It generates way more events with less hand holding. BeefEater is not for casuals. This version of HEG is geared for people who need to see a multitude of events that might only have slight variations.


e.g. What events would be generated from modifying a registry key in cmd versus modifying it in JScript? In that scenario would you get better telemetry from Windows Security or Sysmon?

  1. Read the wiki over on the main HEG repo. For quick start:

    • Download and extract repo
    • Make sure folder containg main script is called 'HEG' (\HEG\HEG.ps1)
    • Launch PowerShell as admin
    • Locate and run HEG.ps1
    • After it completes, check the Logs directory

About

No description or website provided.

Topics

generator log logging threat-hunting siem log-generator detection-engineering event-generator cybersecurity-tools threat-hunting-via-eventlogs log-generation siem-tools siem-home-lab

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages