Triaging Windows event logs based on SANS Poster
☆47 · Nov 22, 2025 · updated 5 months ago
Alternatives and similar repositories for Evilize
Users that are interested in Evilize are comparing it to the libraries listed below.
- Epimitheus is a tool that uses the graph database Neo4j for Windows Events visualization. ☆19 · Mar 13, 2022 · updated 4 years ago
- Simple PowerShell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline. ☆32 · Oct 13, 2018 · updated 7 years ago
- CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation) ☆18 · Dec 5, 2021 · updated 4 years ago
- PowerShell tool to triage systems ☆12 · May 17, 2023 · updated 2 years ago
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir… ☆23 · Jun 6, 2017 · updated 8 years ago
- A PowerShell forensics tool for scraping, filtering and exporting Windows Event Logs ☆14 · Sep 4, 2019 · updated 6 years ago
- ☆13 · Feb 25, 2021 · updated 5 years ago
- Bypass cobaltstrike beacon config scan ☆85 · May 24, 2021 · updated 4 years ago
- Generic Signature Format for SIEM Systems ☆18 · Jul 25, 2023 · updated 2 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree… ☆60 · Jan 30, 2018 · updated 8 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan ☆17 · Sep 4, 2021 · updated 4 years ago
- Registry to JSON. This project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · updated 4 years ago
- Some of my drawings ☆12 · May 6, 2022 · updated 4 years ago
- Basic guide for performing a physical pentest - NIST 800-12, 800-53, 800-115, 800-152 ☆23 · Jan 1, 2023 · updated 3 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. ☆158 · Nov 30, 2021 · updated 4 years ago
- Transform EQL detection rules to VQL artifacts ☆12 · Nov 12, 2021 · updated 4 years ago
- ☆14 · Jun 5, 2019 · updated 6 years ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar… ☆42 · updated this week
- A new idea to build an anti-ransomware ☆23 · Oct 4, 2020 · updated 5 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data ☆39 · Mar 23, 2020 · updated 6 years ago
- Library of threat hunts to get any user started! ☆50 · Sep 4, 2020 · updated 5 years ago
- Releases for the Zui Insiders app. ☆23 · Feb 17, 2025 · updated last year
- Command line & PPID spoofing ☆30 · Apr 15, 2023 · updated 3 years ago
- Threat hunting with Sysmon and ArangoDB graphs ☆13 · Apr 16, 2020 · updated 6 years ago
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports. ☆28 · Apr 10, 2024 · updated 2 years ago
- Certipy in Docker ☆13 · Mar 28, 2024 · updated 2 years ago
- ☆21 · May 10, 2023 · updated 2 years ago
- Resilient Virtual Machine Monitor is a complete fault tolerance solution for type-I hypervisors adopting one of the most popular VMM arch… ☆11 · Jul 30, 2020 · updated 5 years ago
- Parser for Sdba memory pool tags ☆21 · Jul 16, 2021 · updated 4 years ago
- ☆35 · Jun 22, 2021 · updated 4 years ago
- Application for detecting command and control (C2) communication through network traffic analysis. ☆16 · May 12, 2023 · updated 2 years ago
- Repository of threat intelligence resources for SOC ☆10 · Sep 14, 2018 · updated 7 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility ☆38 · Jul 18, 2024 · updated last year
- Script to provision a curated set of pentesting tools into a Kali (supported) box. ☆12 · Jul 10, 2021 · updated 4 years ago
- A document tagging library ☆34 · May 2, 2026 · updated last week
- Forensic cheatsheets for use with cheat ☆15 · Dec 2, 2021 · updated 4 years ago
- .NET project for writing files to local or remote hosts ☆43 · Jan 27, 2020 · updated 6 years ago
- A lightweight C++/C AFF4 reader library ☆15 · Feb 5, 2026 · updated 3 months ago
- ☆15 · May 26, 2021 · updated 4 years ago