Alternatives and similar repositories for windows_event_logging:

Users that are interested in windows_event_logging are comparing it to the libraries listed below

• MalwareArchaeology / ARTHIR
  ATT&CK Remote Threat Hunting Incident Response
  ☆200Updated 3 months ago
• Infocyte / PSHunt
  Powershell Threat Hunting Module
  ☆283Updated 8 years ago
• miriamxyra / EventList
  EventList
  ☆373Updated 3 years ago
• jepayneMSFT / WEFFLES
  Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI
  ☆203Updated 7 years ago
• OTRF / Blacksmith
  Building environments to replicate small networks and deploy applications
  ☆321Updated last month
• nsacyber / AppLocker-Guidance
  Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber
  ☆210Updated last week
• LogRhythm-Tools / LogRhythm.Tools
  LogRhythm PowerShell Toolkit
  ☆50Updated 2 months ago
• darkoperator / Posh-Sysmon
  PowerShell module for creating and managing Sysinternals Sysmon config files.
  ☆207Updated 3 years ago
• MHaggis / hunt-detect-prevent
  Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
  ☆165Updated 6 years ago
• joshzelonis / attack-eval-scoring
  This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise…
  ☆95Updated 4 years ago
• intrepidtechie / KITT-O365-Tool
  KITT - An Open Source PowerShell O365 Business Email Compromise Investigation Tool
  ☆115Updated 4 years ago
• PwC-IR / Business-Email-Compromise-Guide
  The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of…
  ☆253Updated 4 years ago
• swannman / ircapabilities
  Incident Response Hierarchy of Needs
  ☆456Updated last year
• IBM / wincollect
  ☆58Updated last year
• CrowdStrike / falcon-orchestrator
  CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities
  ☆186Updated last year
• carbonblack / cbapi-python
  Carbon Black API - Python language bindings
  ☆145Updated 6 months ago
• d3sre / Use_Case_Applicability
  Security Monitoring Resolution Categories
  ☆138Updated 3 years ago
• bromiley / olaf
  Office365 Log Analysis Framework
  ☆82Updated 5 years ago
• cottinghamd / HardeningAuditor
  Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides
  ☆159Updated 5 years ago
• HASecuritySolutions / Presentations
  ☆131Updated last year
• MalwareArchaeology / ATTACK
  MITRE ATT&CK Windows Logging Cheat Sheets
  ☆338Updated 6 years ago
• JoeyRentenaar / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆159Updated last year
• Asymmetric-InfoSec / Power-Response
  Powering Up Incident Response with Power-Response
  ☆63Updated 5 years ago
• rootsecdev / Microsoft-Blue-Forest
  Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers
  ☆263Updated 5 months ago
• alexverboon / MDATP
  MDATP
  ☆459Updated 8 months ago
• inodee / threathunting-spl
  Splunk code (SPL) for serious threat hunters and detection engineers.
  ☆273Updated last year
• activecm / BeaKer
  Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
  ☆296Updated 5 months ago
• redcanaryco / surveyor
  A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
  ☆207Updated 3 weeks ago
• PwC-IR / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆262Updated 3 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆121Updated 4 years ago