Triaging Windows event logs based on SANS Poster
☆48Nov 22, 2025Updated 4 months ago
Alternatives and similar repositories for Evilize
Users that are interested in Evilize are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.☆19Mar 13, 2022Updated 4 years ago
- Simple Powershell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline.☆32Oct 13, 2018Updated 7 years ago
- CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation)☆18Dec 5, 2021Updated 4 years ago
- Privescker - make life easier by dumping all your common Windows enum, privesc and post exploitation scripts and tools on to the box in o…☆45Apr 4, 2022Updated 3 years ago
- PowerShell tool to triage systems☆12May 17, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir…☆22Jun 6, 2017Updated 8 years ago
- A PS forensics tool for Scraping, Filtering and Exporting Windows Event Logs☆15Sep 4, 2019Updated 6 years ago
- ☆13Feb 25, 2021Updated 5 years ago
- Bypass cobaltstrike beacon config scan☆84May 24, 2021Updated 4 years ago
- Generic Signature Format for SIEM Systems☆18Jul 25, 2023Updated 2 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…☆60Jan 30, 2018Updated 8 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Basic guide for performing a Physical PenTest - Nist 800-12, 800-53, 800-115, 800-152☆23Jan 1, 2023Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Windows Event Log viewer and analyzer☆19Nov 13, 2024Updated last year
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆158Nov 30, 2021Updated 4 years ago
- ☆15Jun 5, 2019Updated 6 years ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…☆41Apr 7, 2025Updated 11 months ago
- A new idea to build an anti ransomware☆24Oct 4, 2020Updated 5 years ago
- Library of threat hunts to get any user started!☆50Sep 4, 2020Updated 5 years ago
- Releases for the Zui Insiders app.☆22Feb 17, 2025Updated last year
- Command line & PPID spoofing☆29Apr 15, 2023Updated 2 years ago
- Threat hunting with Sysmon and ArangoDB Graphs☆12Apr 16, 2020Updated 5 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.☆29Apr 10, 2024Updated last year
- Certipy in Docker☆13Mar 28, 2024Updated 2 years ago
- ☆20May 10, 2023Updated 2 years ago
- Resilient Virtual Machine Monitor is a complete fault tolerance solution for type-I hypervisors adopting one of the most popular VMM arch…☆11Jul 30, 2020Updated 5 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- ☆35Jun 22, 2021Updated 4 years ago
- Application for detecting command and control (C2) communication through network traffic analysis.☆15May 12, 2023Updated 2 years ago
- ☆133Jul 14, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆15Nov 3, 2023Updated 2 years ago
- Repository resource threat intelligence for SOC☆10Sep 14, 2018Updated 7 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆38Jul 18, 2024Updated last year
- Script to provision a curated set of pentesting tools into a Kali (supported) box.☆12Jul 10, 2021Updated 4 years ago
- A document tagging library☆34Mar 27, 2025Updated last year
- Forensic cheatsheets for use with cheat☆15Dec 2, 2021Updated 4 years ago
- .NET project for writing files to local or remote hosts☆43Jan 27, 2020Updated 6 years ago