0xrawsec / golang-evtx
☆165Updated 2 years ago
Alternatives and similar repositories for golang-evtx:
Users that are interested in golang-evtx are comparing it to the libraries listed below
- Signature engine for all your logs☆168Updated last year
- Golang Parser for Microsoft Event Logs☆102Updated 3 months ago
- Go library for ETW (Event Tracing for Windows) events processing☆65Updated 2 years ago
- Golang library that implements a sigma log rule parser and match engine.☆95Updated 9 months ago
- A Go implementation and parser for Sigma rules.☆88Updated 8 months ago
- simple YARA-based IOC scanner☆169Updated 2 months ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆214Updated 5 years ago
- ☆164Updated 4 years ago
- APIs for generating STIX 2.1 and TAXII 2.1 messages with Go (Golang)☆53Updated 5 months ago
- A Go implementation of JARM☆118Updated 2 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Updated 7 years ago
- ☆53Updated 6 years ago
- Go library for subscribing to Windows Event Log☆30Updated 6 years ago
- Yara powered NIDS with high speed packet capture powered by PF_RING☆69Updated 11 months ago
- ☆40Updated 2 years ago
- gyp: A pure Go YARA parser☆107Updated last year
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- Anything Sysmon related from the MSTIC R&D team☆153Updated 10 months ago
- Code and yara rules to detect and analyze Cobalt Strike☆266Updated 4 years ago
- Go bindings for YARA☆366Updated 9 months ago
- enpoint detection / live analysis & sandbox host / signatures quality test☆44Updated 4 years ago
- Collect autorun records from running system☆61Updated 3 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆224Updated 4 years ago
- Sigma Detection Rule Repository☆87Updated 4 years ago
- Malware Sinkhole List in various formats☆103Updated 2 years ago
- Threat Alert Logic Repository☆92Updated 6 years ago
- Library and tools to access the Windows XML Event Log (EVTX) format☆199Updated 7 months ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 2 years ago
- An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal☆201Updated 3 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆116Updated 4 years ago