An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: evtx

EricZimmerman/evtx

C# based evtx parser with lots of extras

Language: C# - Size: 6.13 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 320 - Forks: 62

cuhsat/artifacts

Test files from various sources.

Language: DIGITAL Command Language - Size: 20.5 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 1 - Forks: 0

mdecrevoisier/Microsoft-eventlog-mindmap

Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

Size: 133 MB - Last synced at: 3 days ago - Pushed at: about 1 year ago - Stars: 1,084 - Forks: 182

williballenthin/python-evtx

Pure Python parser for Windows Event Log files (.evtx)

Language: Python - Size: 3.16 MB - Last synced at: 11 days ago - Pushed at: 3 months ago - Stars: 753 - Forks: 169

NVISOsecurity/evtx-hunter 📦

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Language: Python - Size: 1.1 MB - Last synced at: about 1 month ago - Pushed at: almost 4 years ago - Stars: 155 - Forks: 26

gustavoparedes/QuickLog

A portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this article: https://cybersecuritynews.com/windows-event-log-analysis/, to quickly highlight key forensic artifacts.

Language: C# - Size: 707 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 6 - Forks: 3

wagga40/Zircolite

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

Language: Python - Size: 67.5 MB - Last synced at: about 2 months ago - Pushed at: 5 months ago - Stars: 722 - Forks: 99

jurelou/epagneul

Graph visualization for Windows event logs

Language: Python - Size: 51.4 MB - Last synced at: about 2 months ago - Pushed at: 8 months ago - Stars: 239 - Forks: 35

sumeshi/evtx2es

A library for fast parsing and import of Windows event logs into Elasticsearch.

Language: Python - Size: 211 KB - Last synced at: 21 days ago - Pushed at: 3 months ago - Stars: 85 - Forks: 16

jupyterj0nes/masstin

Masstin: High-Speed DFIR Tool written in Rust and Graph Visualization in Neo4j for Comprehensive Lateral Movement Analysis

Language: Rust - Size: 2.48 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 3 - Forks: 0

KnightChaser/aesir

A simple System Monitor (Sysmon) EVTX inspector; search, visualize, and track Sysmon events

Language: Go - Size: 1.48 MB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 6 - Forks: 1

ine-labs/ThreatSeeker

ThreatSeeker: Threat Hunting via Windows Event Logs

Language: Python - Size: 20.3 MB - Last synced at: 5 months ago - Pushed at: over 2 years ago - Stars: 120 - Forks: 13

Alshadex/EvtxReader

The Python Windows .evtx log file parser module

Language: Python - Size: 553 KB - Last synced at: 17 days ago - Pushed at: 5 months ago - Stars: 1 - Forks: 0

sbousseaden/EVTX-ATTACK-SAMPLES

Windows Events Attack Samples

Language: HTML - Size: 6.05 MB - Last synced at: 6 months ago - Pushed at: over 2 years ago - Stars: 2,322 - Forks: 413

shashinma/LogViewer

Size: 1.95 KB - Last synced at: 9 days ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

AhmedKamal1432/Evilize

Triaging Windows event logs based on SANS Poster

Language: PowerShell - Size: 6.68 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 39 - Forks: 7

logpresso/community

Logpresso Mini and community contents for incident response

Size: 10.9 MB - Last synced at: about 2 months ago - Pushed at: almost 4 years ago - Stars: 17 - Forks: 1

fox-it/danderspritz-evtx

Parse evtx files and detect use of the DanderSpritz eventlogedit module

Language: Python - Size: 21.5 KB - Last synced at: 2 months ago - Pushed at: over 7 years ago - Stars: 148 - Forks: 30

suuhm/xml_event_xtractor

Export and analyze Windows EVTX events from xmlcli export files

Language: Python - Size: 13.7 KB - Last synced at: 3 months ago - Pushed at: 9 months ago - Stars: 0 - Forks: 0

kacos2000/Evtx_Log_Browser

Evtx Log (xml) Browser

Language: PowerShell - Size: 396 KB - Last synced at: 4 months ago - Pushed at: over 2 years ago - Stars: 56 - Forks: 11

forensenellanebbia/powershell-scripts

Powershell scripts

Language: PowerShell - Size: 45.9 KB - Last synced at: 8 days ago - Pushed at: about 3 years ago - Stars: 12 - Forks: 0

mdecrevoisier/EVTX-to-MITRE-Attack

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.

Size: 2.97 MB - Last synced at: 10 months ago - Pushed at: about 1 year ago - Stars: 526 - Forks: 87

yakisyst3m/evtx2log

Convert .evtx logs into readable .log files

Language: Shell - Size: 11.7 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 2 - Forks: 0

martinmathurine/Windows-Event-Log-Analyser

This is a PySimpleGUI-based Python software tool for processing and visualising selected Windows Event Security.evtx log files that meet a condition in Event ID 4688.

Language: Python - Size: 48 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 4 - Forks: 0

ceramicskate0/SWELF

Simple Windows Event Log Forwarder (SWELF). It's an easy-to-use log forwarder and EVTX parser that simply works. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

Language: C# - Size: 1.95 MB - Last synced at: 5 months ago - Pushed at: about 2 years ago - Stars: 24 - Forks: 7

evtx-viewer/evtx-viewer-cli

📃 Deb Linux Package for viewing Microsoft security logs in EVTX format.

Language: Python - Size: 1.69 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 1 - Forks: 0

PLZENTERTEXT/autopsy-sigmaa-ingest-module

An Autopsy data source ingest module for detection of IOCs in EVTX for Windows and Auditd for Linux based on SIGMA Rules.

Language: Python - Size: 21.8 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

4na7i1/wevtutilCS

Language: C# - Size: 11.7 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

whatabeautifulmemory/glossy

Glossy Event Log Forensics

Language: JavaScript - Size: 35.5 MB - Last synced at: 7 days ago - Pushed at: almost 2 years ago - Stars: 5 - Forks: 0

faisal6me/Powershell-Forensic-Analysis

Fast analysis for PowerShell logs

Language: Python - Size: 519 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 2

KnightChaser/sentinela

A simplified EVTX file parser wrapping 0xrawsec's golang-evtx module

Language: Go - Size: 24.4 KB - Last synced at: 23 days ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

DemetriusStorm/PrintLogCollector

Windows service to collect print events and save them to MSSQL DB

Language: Python - Size: 42 KB - Last synced at: over 1 year ago - Pushed at: about 4 years ago - Stars: 1 - Forks: 0

lucasgeras/EvtxToESSvc

Windows Log to Logstash ingesting service

Language: C# - Size: 40 KB - Last synced at: almost 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

troplolBE/evtx-to-elk

Program to send logfiles to ELK using winlogbeat.

Language: Visual Basic .NET - Size: 39.1 KB - Last synced at: almost 2 years ago - Pushed at: over 5 years ago - Stars: 2 - Forks: 0

4na7i1/WebEVTXplorer

Language: HTML - Size: 244 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 0 - Forks: 0

Lyc4on/EvtXHunt

EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.

Language: Python - Size: 191 MB - Last synced at: about 2 years ago - Pushed at: almost 4 years ago - Stars: 14 - Forks: 1

duanshuaimin/EVTX-ATTACK-SAMPLES Fork of sbousseaden/EVTX-ATTACK-SAMPLES

Windows Events Attack Samples

Size: 3.02 MB - Last synced at: about 2 years ago - Pushed at: over 4 years ago - Stars: 1 - Forks: 0

hansalemaos/evtx2df

Converts Windows Event Logs (EVTX) into pandas DataFrames / CSV files

Language: Python - Size: 10.7 KB - Last synced at: 6 days ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0

the-siegfried/py-evtx-ripper

A command line wrapper for the python-evtx library.

Language: Python - Size: 468 KB - Last synced at: over 2 years ago - Pushed at: about 3 years ago - Stars: 1 - Forks: 0

d4rk-d4nph3/ejax

Windows EVTX to XML and JSON converter

Language: Python - Size: 1.95 KB - Last synced at: over 2 years ago - Pushed at: over 4 years ago - Stars: 1 - Forks: 0

MonaxGT/golang-evtx Fork of 0xrawsec/golang-evtx

Language: Go - Size: 3.42 MB - Last synced at: 9 days ago - Pushed at: over 6 years ago - Stars: 1 - Forks: 0

devynspencer/elk-moose

Quickly analyze Windows event logs.

Language: Shell - Size: 31.3 KB - Last synced at: over 2 years ago - Pushed at: over 4 years ago - Stars: 3 - Forks: 0