This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you select the EVTX file and specify a time for correlating login and logout events.
☆31 · Feb 22, 2025 · Updated last year
Alternatives and similar repositories for LogonSessionAuditor
Users that are interested in LogonSessionAuditor are comparing it to the libraries listed below
- A tool for fetching DFIR and other GitHub tools. ☆25 · Aug 2, 2025 · Updated 6 months ago
- A series of python scripts to extract information from Dark Web Applications ☆14 · Mar 26, 2025 · Updated 11 months ago
- A Model Context Protocol (MCP) server that integrates Volatility 3 memory forensics framework with Claude ☆30 · Jul 7, 2025 · Updated 7 months ago
- Quick ESXi Log Parser ☆29 · Oct 20, 2025 · Updated 4 months ago
- A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight,… ☆35 · Oct 24, 2025 · Updated 4 months ago
- Just Another broken Registry Parser (JARP) ☆16 · May 23, 2024 · Updated last year
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · Updated 4 years ago
- macOS Artifacts ☆33 · Mar 2, 2025 · Updated last year
- Parses USB connection artifacts from offline Registry hives ☆107 · Feb 8, 2026 · Updated 3 weeks ago
- Google Filestream Forensic Tool ☆22 · Mar 10, 2022 · Updated 3 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's ☆64 · Dec 18, 2024 · Updated last year
- MAES: M365 Analyzer & Extractor Suite Po ☆33 · Feb 14, 2026 · Updated 2 weeks ago
- Tools for OSINT in Emirates ☆25 · Apr 13, 2025 · Updated 10 months ago
- ☆24 · Mar 12, 2025 · Updated 11 months ago
- Elyzer is an email header analyzer, written in python, capable of detecting potential spoofing attempts. ☆47 · Dec 18, 2024 · Updated last year
- CLI tools for forensic investigation of Windows artifacts ☆349 · Jul 21, 2025 · Updated 7 months ago
- Tools for Incident Response and Malware Analysis ☆11 · Feb 9, 2025 · Updated last year
- A simple python script to generate nested folders based on user input. The script will also name and place a template report document and… ☆11 · Jun 19, 2025 · Updated 8 months ago
- A list of OSINT resources and tools that may be useful when conducting investigations related to the Kingdom of Saudi Arabia ☆12 · May 12, 2025 · Updated 9 months ago
- FileSigExtractor is a python based tool which extracts the file signatures of all files within a directory and writes the output to a CSV… ☆10 · Jul 15, 2023 · Updated 2 years ago
- ☆23 · Jun 28, 2025 · Updated 8 months ago
- Queries for parsed spotlight database in sqlite ☆13 · Dec 29, 2020 · Updated 5 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- A high-speed forensic timeline engine for Windows forensic artifact CSV output built for DFIR investigators. Quickly consolidate CSV outp… ☆308 · Updated this week
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys. ☆51 · Jan 26, 2025 · Updated last year
- Windows Forensics Environment Builder ☆179 · Dec 5, 2025 · Updated 2 months ago
- A Windows Event Log MCP ☆40 · Aug 25, 2025 · Updated 6 months ago
- Comprehensive adversary emulation tool for security testing on Google Cloud Platform (GCP) environments. ☆14 · Jun 14, 2024 · Updated last year
- Incident response teams usually work on offline data, collecting the evidence, then analyzing the data ☆46 · Jan 2, 2022 · Updated 4 years ago
- ☆11 · Aug 3, 2018 · Updated 7 years ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser ☆14 · Jan 9, 2023 · Updated 3 years ago
- /ˈhäjˌpäj/ "a confused mixture." ☆13 · Feb 21, 2026 · Updated last week
- Scripts for ready-to-use Velociraptor instance deployment in Azure ☆14 · Jun 27, 2023 · Updated 2 years ago
- Scanner for certain IoCs ☆11 · Jan 29, 2025 · Updated last year
- Browser Reviewer is a portable forensic tool for analyzing user activity in Firefox and Chrome-based browsers. It extracts and displays b… ☆55 · Oct 10, 2025 · Updated 4 months ago
- PowerShell tools to help defenders hunt smarter, hunt harder. ☆473 · Oct 29, 2025 · Updated 4 months ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… ☆103 · Jan 13, 2026 · Updated last month
- Fork this repo! Do a Pull Request! As many times as you want! Learn the ins and outs of how to contribute to GitHub! Make your mistakes h… ☆14 · Jun 21, 2024 · Updated last year
- Automatic, fast parsing of browser artifacts ☆17 · Jan 4, 2025 · Updated last year