Windows core
Windows sysinternals
Windows event logs
Sysmon
Osquery basics
Wazuh
Wazuh is an open-source, freely available and extensive EDR solution. It can be used in environments of any scale. Wazuh operates on a management and agent model.
Wazuh documentation
Wazuh IDS and Endpoint Detection and Response Guide