This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you select the EVTX file and specify a time for correlating login and logout events.
☆31 · Feb 22, 2025 · Updated last year
Alternatives and similar repositories for LogonSessionAuditor
Users that are interested in LogonSessionAuditor are comparing it to the libraries listed below.
- A tool for fetching DFIR and other GitHub tools. ☆29 · Aug 2, 2025 · Updated 9 months ago
- A series of python scripts to extract information from Dark Web Applications ☆14 · Mar 26, 2025 · Updated last year
- A Model Context Protocol (MCP) server that integrates Volatility 3 memory forensics framework with Claude ☆38 · Jul 7, 2025 · Updated 10 months ago
- Quick ESXi Log Parser ☆31 · Oct 20, 2025 · Updated 7 months ago
- macOS Artifacts ☆33 · Mar 2, 2025 · Updated last year
- A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight,… ☆43 · Oct 24, 2025 · Updated 6 months ago
- Parses USB connection artifacts from offline Registry hives ☆107 · Feb 8, 2026 · Updated 3 months ago
- MAES: M365 Analyzer & Extractor Suite Po ☆36 · May 4, 2026 · Updated 2 weeks ago
- Portable Windows forensic tool for reviewing Firefox-like and Chromium-based browser artifacts, with labeling, search, CLI processing, an… ☆57 · May 10, 2026 · Updated last week
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's ☆65 · Dec 18, 2024 · Updated last year
- ☆25 · Feb 18, 2025 · Updated last year
- Just Another broken Registry Parser (JARP) ☆16 · May 23, 2024 · Updated last year
- Tools for Incident Response and Malware Analysis ☆11 · Feb 9, 2025 · Updated last year
- CLI tools for forensic investigation of Windows artifacts ☆351 · Jul 21, 2025 · Updated 10 months ago
- Scanner for certain IoCs ☆11 · Jan 29, 2025 · Updated last year
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… ☆110 · Apr 8, 2026 · Updated last month
- Comprehensive adversary emulation tool for security testing on Google Cloud Platform (GCP) environments. ☆14 · Jun 14, 2024 · Updated last year
- This repository contains official source code and writeups for challenges from World Wide CTF 2024 - https://ctftime.org/event/2572 ☆12 · Dec 19, 2024 · Updated last year
- Tools and scripts to deploy and manage OpenRelik instances ☆16 · Mar 23, 2026 · Updated last month
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and… ☆12 · May 6, 2026 · Updated 2 weeks ago
- Google Filestream Forensic Tool ☆22 · Mar 10, 2022 · Updated 4 years ago
- PowerShell tools to help defenders hunt smarter, hunt harder. ☆483 · Oct 29, 2025 · Updated 6 months ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure. ☆39 · Oct 30, 2024 · Updated last year
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV… ☆10 · Jul 15, 2023 · Updated 2 years ago
- ☆23 · Mar 12, 2025 · Updated last year
- PowerShell-based Automation of Defender for Endpoint ☆193 · Jul 3, 2025 · Updated 10 months ago
- Automatic, fast parsing of browser artifacts ☆17 · Jan 4, 2025 · Updated last year
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp… ☆325 · Feb 26, 2026 · Updated 2 months ago
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys. ☆55 · Jan 26, 2025 · Updated last year
- A Windows Event Log MCP ☆46 · Aug 25, 2025 · Updated 8 months ago
- ☆91 · Updated this week
- Windows Forensics Environment Builder ☆185 · Updated this week
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h… ☆14 · Jun 21, 2024 · Updated last year
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID ☆621 · May 8, 2026 · Updated 2 weeks ago
- Yara rules ☆21 · Mar 27, 2023 · Updated 3 years ago
- Contains compiled binaries of Volatility ☆36 · May 18, 2025 · Updated last year
- StickyParser - Sticky Notes Forensic. A Windows Sticky Notes Parser (snt and plum.sqlite supported). Additional Feature: SQLite Recovery … ☆21 · Jul 18, 2023 · Updated 2 years ago