12 results found Sort:

sbousseaden
EVTX-ATTACK-SAMPLES sbousseaden
392
2.1k
gpl-3.0
144
Windows Events Attack Samples
dfir evtx dataset winlogbeat mitre-attack threat-hunting windows-security detection-engineering
Created 2019-03-15
676 commits to master branch, last one about a year ago
mdecrevoisier
Microsoft-eventlog-mindmap mdecrevoisier
180
986
bsd-2-clause
48
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
evtx azure mindmap windows exchange active-directory incident-response
Created 2021-08-27
55 commits to main branch, last one 8 days ago
williballenthin
python-evtx williballenthin
163
680
apache-2.0
42
Pure Python parser for Windows Event Log files (.evtx)
evtx event-log forensics
Created 2012-12-24
288 commits to master branch, last one about a year ago
wagga40
Zircolite wagga40
84
607
unknown
24
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
evtx sigma auditd sysmon pysigma python3 detection evtxtract forensics sigma-rules forensics-tools
Created 2021-03-02
216 commits to master branch, last one 21 days ago
mdecrevoisier
EVTX-to-MITRE-Attack mdecrevoisier
81
479
cc0-1.0
24
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
evtx siem redteam mitre-attack threat-hunting
Created 2020-07-09
179 commits to master branch, last one 2 months ago
EricZimmerman
evtx EricZimmerman
60
250
mit
25
C# based evtx parser with lots of extras
evtx event windows eventlog
Created 2019-03-17
1,117 commits to master branch, last one about a month ago
jurelou
epagneul jurelou
33
225
unknown
9
Graph Visualization for windows event logs
evtx hunting blueteam security forensics security-tools threat-hunting dfir-automation forensics-tools
Created 2021-12-30
26 commits to master branch, last one about a year ago
NVISOsecurity
evtx-hunter NVISOsecurity
25
140
gpl-3.0
10
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
evtx csirt netsec infosec threat-hunting incident-response
This repository has been archived (exclude archived)
Created 2021-05-25
27 commits to main branch, last one 2 years ago
ine-labs
ThreatSeeker ine-labs
9
89
mit
5
ThreatSeeker: Threat Hunting via Windows Event Logs
evtx sysmon threat windows log-analysis threat-detection threat-intelligence
Created 2023-04-11
4 commits to master branch, last one about a year ago
sumeshi
evtx2es sumeshi
19
80
mit
7
A library for fast parse & import of Windows Eventlogs into Elasticsearch.
evtx parser python windows eventlog elasticsearch
Created 2019-10-05
147 commits to master branch, last one 3 days ago
kacos2000
Evtx_Log_Browser kacos2000
11
56
mit
7
Evtx Log (xml) Browser
gui xml evtx windows11 powershell windows-10
Created 2022-01-05
11 commits to master branch, last one about a year ago
AhmedKamal1432
Evilize AhmedKamal1432
7
36
gpl-3.0
5
Triaging Windows event logs based on SANS Poster
evt dfir evtx sans events eventlogs incident-response
Created 2021-09-19
386 commits to main branch, last one about a year ago