Sysmon | Endpoint Monitoring | Log Analysis | TryHackMe Write-up
Sysmon is a Windows system monitoring tool that logs detailed events like process creation, network connections, file changes, DLL loads, and registry modifications into Windows Event Logs for threat hunting and forensics.
Sysmon doesn’t collect every...
soc-analyst101.hashnode.dev | 8 min read