An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: windows-event-logs

ahmedkhlief/APT-Hunter

APT-Hunter is a threat hunting tool for Windows event logs, built with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and to decrease the time needed to uncover suspicious activity.

Language: Python - Size: 1.63 MB - Last synced at: 12 days ago - Pushed at: 8 months ago - Stars: 1,340 - Forks: 244

Compcode1/ioc19-unauthorized-7045

This case study captures a classic example of attacker persistence using a built-in operating system feature: the Windows service framework. Through the lens of Event ID 7045, the attacker installed a background service named WinUpdateHelper, masked to resemble a legitimate update utility.

Language: Jupyter Notebook - Size: 0 Bytes - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

carina-studio/ULogViewer

Cross-Platform Universal Log Viewer.

Language: C# - Size: 51.4 MB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 470 - Forks: 44

jrdnbradford/Windows-Event-Monitor 📦

Python 3-based multithreaded Windows Event monitoring program

Language: Python - Size: 18.6 KB - Last synced at: 26 days ago - Pushed at: almost 4 years ago - Stars: 2 - Forks: 3

rhejos/soc-detection-lab

Detection engineering lab using Splunk, Sigma, and Windows logs — mapped to MITRE ATT&CK

Size: 1.95 KB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

iscmt/event-parser

Parses and imports a Windows Log File (CSV) into a Microsoft SQL Server Database.

Language: C# - Size: 23.4 KB - Last synced at: 3 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

nagilum/eventy

Console Windows event log viewer

Language: C# - Size: 32.2 KB - Last synced at: about 2 months ago - Pushed at: 6 months ago - Stars: 0 - Forks: 0

blackhillsinfosec/EventLogging

Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.

Language: PowerShell - Size: 255 KB - Last synced at: about 1 year ago - Pushed at: over 1 year ago - Stars: 447 - Forks: 66

S3mprGumb1/whodunnit

A PS forensics tool for Scraping, Filtering and Exporting Windows Event Logs

Language: PowerShell - Size: 380 KB - Last synced at: 11 months ago - Pushed at: almost 6 years ago - Stars: 17 - Forks: 3

kfallahi/WinAuthLogParser

Parses and analyses authentication events in the Windows Event Log.

Language: PowerShell - Size: 4.88 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

RandomRhythm/wEventLogSearch

Search Windows event log and output results to a text file

Language: C# - Size: 73.2 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 1