Sunday, November 26, 2023

IDS/IPS

https://www.crowdsec.net/

https://www.ossec.net/

https://securityonionsolutions.com/software

https://zeek.org/

https://suricata.io/download/

https://www.pfsense.org/download/

https://www.stamus-networks.com/selks#selks



https://github.com/orgs/minios-linux/discussions/16

https://minios.dev/en/#downloads


https://vendefoulwolf.wixsite.com/descarga


https://linuxdistrowatchers.com/vendefoul_wolf_linux/index.html


https://www.ultimatewindowssecurity.com/securitylog/encyclopedia/default.aspx



https://github.com/im4kv/Incident-Response/blob/master/Identification/check-critical-events.ps1


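# Security log: logons, audit policy changes, account and group changes, share access, audit log cleared
Get-WinEvent -FilterHashtable @{LogName="Security"; ID=4624,4719,4720,4722,4724,4738,4732,5140,1102}

# System log: selected event IDs, including 7045 (a service was installed)
Get-WinEvent -FilterHashtable @{LogName="System"; ID=7030,1056,7045,10000,10001,10100,20001,20002,20003,24576,24577,24579}

# Windows Firewall log: event ID 2003 (a firewall profile setting was changed)
Get-WinEvent -FilterHashtable @{LogName="Microsoft-Windows-Windows Firewall With Advanced Security/Firewall"; ID=2003}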




------------------


# Open PowerShell

# Use the Get-EventLog cmdlet, specifying the log you want to read
Get-EventLog -LogName System

# Output the logs to a file named "SystemLogs.txt" on your desktop
Get-EventLog -LogName System | Out-File -FilePath "$env:USERPROFILE\Desktop\SystemLogs.txt"

# Output the logs to a CSV file on your desktop (-NoTypeInformation omits the #TYPE header line)
Get-EventLog -LogName System | Export-Csv -Path "$env:USERPROFILE\Desktop\SystemLogs.csv" -NoTypeInformation

# Output the logs to the console
Get-EventLog -LogName System



https://scanqr.org/

https://apps.microsoft.com/detail/9NBLGGH5M02G?hl=en-us&gl=us
