Alternatives and similar repositories for LogonTracer

Users that are interested in LogonTracer are comparing it to the libraries listed below

• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,507Jan 24, 2023Updated 3 years ago
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,710Sep 23, 2025Updated 4 months ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆2,968Aug 21, 2024Updated last year
• sans-blue-team / DeepBlueCLI

  View on GitHub
  ☆2,383Oct 14, 2023Updated 2 years ago
• JPCERTCC / SysmonSearch

  View on GitHub
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆431Dec 22, 2023Updated 2 years ago
• nshalabi / SysmonTools

  View on GitHub
  Utilities for Sysmon
  ☆1,569Sep 21, 2025Updated 4 months ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,901Jul 6, 2024Updated last year
• ahmedkhlief / APT-Hunter

  View on GitHub
  APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …
  ☆1,400Nov 7, 2024Updated last year
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,109Updated this week
• redcanaryco / atomic-red-team

  View on GitHub
  Small and highly portable detection tests based on MITRE's ATT&CK.
  ☆11,570Updated this week
• SpecterOps / BloodHound-Legacy

  View on GitHub
  Six Degrees of Domain Admin
  ☆10,537Aug 1, 2025Updated 6 months ago
• SwiftOnSecurity / sysmon-config

  View on GitHub
  Sysmon configuration file template with default high-quality event tracing
  ☆5,379Jul 3, 2024Updated last year
• hlldz / Phant0m

  View on GitHub
  Windows Event Log Killer
  ☆1,810Sep 21, 2023Updated 2 years ago
• JPCERTCC / ToolAnalysisResultSheet

  View on GitHub
  Tool Analysis Result Sheet
  ☆356Dec 4, 2017Updated 8 years ago
• davehull / Kansa

  View on GitHub
  A Powershell incident response framework
  ☆1,639Nov 22, 2022Updated 3 years ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated 3 weeks ago
• activecm / rita-legacy

  View on GitHub
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆2,514Jan 12, 2026Updated last month
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• Neo23x0 / Loki

  View on GitHub
  Loki - Simple IOC and YARA Scanner
  ☆3,719Jan 12, 2026Updated last month
• mitre / caldera

  View on GitHub
  Automated Adversary Emulation Platform
  ☆6,733Feb 9, 2026Updated last week
• MHaggis / sysmon-dfir

  View on GitHub
  Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
  ☆937Dec 12, 2023Updated 2 years ago
• yampelo / beagle

  View on GitHub
  Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
  ☆1,339Dec 13, 2022Updated 3 years ago
• palantir / windows-event-forwarding

  View on GitHub
  A repository for using windows event forwarding for incident detection and response
  ☆1,296Sep 8, 2025Updated 5 months ago
• ION28 / BLUESPAWN

  View on GitHub
  An Active Defense and EDR software to empower Blue Teams
  ☆1,315Aug 10, 2023Updated 2 years ago
• redhuntlabs / RedHunt-OS

  View on GitHub
  Virtual Machine for Adversary Emulation and Threat Hunting
  ☆1,313Jan 22, 2025Updated last year
• meirwah / awesome-incident-response

  View on GitHub
  A curated list of tools for incident response
  ☆8,808Jul 18, 2024Updated last year
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• Yamato-Security / hayabusa

  View on GitHub
  Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
  ☆3,020Updated this week
• bluscreenofjeff / Red-Team-Infrastructure-Wiki

  View on GitHub
  Wiki to collect Red Team infrastructure hardening resources
  ☆4,440Oct 1, 2025Updated 4 months ago
• Cyb3rWard0g / HELK

  View on GitHub
  The Hunting ELK
  ☆3,913Jun 1, 2024Updated last year
• dafthack / MailSniper

  View on GitHub
  MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…
  ☆3,206Aug 7, 2025Updated 6 months ago
• infosecn1nja / AD-Attack-Defense

  View on GitHub
  Attack and defend active directory using modern post exploitation adversary tradecraft activity
  ☆4,792Jul 29, 2025Updated 6 months ago
• outflanknl / RedELK

  View on GitHub
  Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term o…
  ☆2,618Dec 13, 2025Updated 2 months ago
• Velocidex / velociraptor

  View on GitHub
  Digging Deeper....
  ☆3,763Updated this week
• Invoke-IR / PowerForensics

  View on GitHub
  PowerForensics provides an all in one platform for live disk forensic analysis
  ☆1,428Nov 16, 2023Updated 2 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆349Mar 19, 2021Updated 4 years ago
• ThreatHuntingProject / ThreatHunting

  View on GitHub
  An informational repo about hunting for adversaries in your IT environment.
  ☆1,846Nov 17, 2021Updated 4 years ago
• p3nt4 / PowerShdll

  View on GitHub
  Run PowerShell with rundll32. Bypass software restrictions.
  ☆1,823Mar 17, 2021Updated 4 years ago