EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.
☆15Nov 7, 2021Updated 4 years ago
Alternatives and similar repositories for EvtXHunt
Users that are interested in EvtXHunt are comparing it to the libraries listed below
Sorting:
- ☆10May 1, 2020Updated 5 years ago
- Various short scripts and tools used for Digital Forensics☆14Apr 13, 2025Updated 10 months ago
- no longer maintained☆18Feb 22, 2018Updated 8 years ago
- Autopsy NBM Plugins☆18Jul 9, 2023Updated 2 years ago
- ☆11Jan 28, 2025Updated last year
- This repository lists all active Microsoft domains | no URLs and no sub-domains | for the purpose of Whitelisting in various systems and …☆43Jan 8, 2026Updated last month
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆33May 25, 2024Updated last year
- GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.☆14Jan 28, 2023Updated 3 years ago
- Ransomware Detection Test PowerShell Script☆11Sep 22, 2017Updated 8 years ago
- Mapbox API Client for Go☆12Dec 12, 2024Updated last year
- OSINT=*, Chrome extension that searches all the threat feeds☆11Dec 5, 2021Updated 4 years ago
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.☆12Oct 28, 2017Updated 8 years ago
- MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions.☆12Feb 27, 2023Updated 3 years ago
- In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…☆12May 25, 2016Updated 9 years ago
- Initial triage of Windows Event logs☆106Jun 16, 2024Updated last year
- Library of threat hunts to get any user started!☆50Sep 4, 2020Updated 5 years ago
- A wifi-aware background downloader that maintains a queue of files☆11Sep 25, 2025Updated 5 months ago
- Detect the possible hash-types corresponding to a string, right from your terminal.☆11Jan 5, 2023Updated 3 years ago
- Malware Analysis and Storage System - Server repository☆12Jul 15, 2022Updated 3 years ago
- Asynchronous public DNS auditing tool☆11May 22, 2023Updated 2 years ago
- Tools and Binaries to use with KAPE☆13Aug 13, 2019Updated 6 years ago
- IDA plugin for YARA signature creation☆19Nov 30, 2025Updated 3 months ago
- Source files found after a recent hack of one of my machines, showing how the infection spreads itself and what it does, useful for analy…☆13May 4, 2020Updated 5 years ago
- Scripts that disables unwanted windows features☆15Jan 6, 2023Updated 3 years ago
- Miscellaneous parsing scripts for penetration testing☆12Jul 17, 2023Updated 2 years ago
- Simple RESTful API implementation on Node.js + Express + MongoDB.☆10Jan 23, 2023Updated 3 years ago
- Function ID for Malware Analysis☆13Jul 6, 2020Updated 5 years ago
- Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersec…☆15Jul 19, 2025Updated 7 months ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough☆11Feb 3, 2022Updated 4 years ago
- A simple server to act as a Veeam "honeypot" providing alerting for network scans for Veeam services☆16Aug 31, 2025Updated 6 months ago
- Threat Hunting Malware Infrastructure☆11Dec 3, 2023Updated 2 years ago
- An Android lock screen brute-force software☆11Sep 24, 2023Updated 2 years ago
- This repository provide a json file for all Windows security Event IDs with lot of useful informations (Categories, GPO, Volume, Recomman…☆11Mar 2, 2023Updated 3 years ago
- OpennessWebView2 Control☆14Oct 15, 2023Updated 2 years ago
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 4 years ago
- CLI generator for Velociraptor offline collector☆16Oct 10, 2025Updated 4 months ago
- ☆13May 30, 2025Updated 9 months ago
- Scan and categorize websites for rapid triage☆12Jun 23, 2022Updated 3 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Jul 1, 2015Updated 10 years ago