Lyc4on / EvtXHuntLinks
EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.
☆16Updated 3 years ago
Alternatives and similar repositories for EvtXHunt
Users that are interested in EvtXHunt are comparing it to the libraries listed below
Sorting:
- An experimental Velociraptor implementation using cloud infrastructure☆25Updated 2 weeks ago
- Quick ESXi Log Parser☆21Updated 5 months ago
- CLI generator for Velociraptor offline collector☆10Updated 9 months ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆31Updated 4 months ago
- Tools and scripts to deploy and manage OpenRelik instances☆14Updated 2 weeks ago
- unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Andro…☆35Updated 2 weeks ago
- ☆17Updated 10 months ago
- ESXi Cyber Security Incident Response Script☆23Updated 9 months ago
- Thor Artifacts for Velociraptor☆16Updated last year
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Hunt for SQLite files used by various applications☆26Updated last month
- A YARA & Malware Analysis Toolkit written in Rust.☆35Updated last week
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 2 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- DNS Dashboard for hunting and identifying beaconing☆16Updated 4 years ago
- Resource links (video, slides & code) for my conference talks | presentations | workshops☆15Updated 5 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆52Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆25Updated 3 months ago
- Contains compiled binaries of Volatility☆33Updated last month
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆52Updated 6 months ago
- Penguin OS Forensic (or Flight) Recorder☆40Updated 6 months ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆11Updated last week
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom.☆12Updated 10 months ago
- Autopsy Module to analyze Registry Hives☆15Updated 3 years ago
- All the useful tools interesting to be used☆23Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them☆33Updated last month