Alternatives and similar repositories for EvtXHunt

Users that are interested in EvtXHunt are comparing it to the libraries listed below

• op7ic / unix_collector
  unix_collector is a Live Response collection script for Incident Response on UNIX-like systems using native binaries. Supports AIX, Andro…
  ☆39Updated 6 months ago
• plonxyz / 4n6pi
  ☆21Updated last month
• HuskyHacks / blue-jupyter
  Jupyter Notebooks for the Blue Team
  ☆39Updated 10 months ago
• cmdaltr / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆32Updated 3 weeks ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool
  Linux Baseline and Forensic Triage Tool - BETA
  ☆57Updated 3 years ago
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆77Updated 4 years ago
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆41Updated 11 months ago
• NextronSystems / velociraptor-artifacts-thor
  Thor Artifacts for Velociraptor
  ☆18Updated last week
• archcloudlabs / BSidesRoc2022_Linux_Malware_Analysis_Course
  BSidesRoc 2022 Linux Malware/Forensics Course
  ☆76Updated 3 years ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆54Updated last year
• lxndrblz / forensicsim
  A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea…
  ☆112Updated 3 weeks ago
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆28Updated last month
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 5 months ago
• Beercow / DFIR_Toolbar
  ☆27Updated 2 months ago
• CyberDefend3r / PowerShell-Deobfuscation-Exercise
  An exercise to practice deobfuscating PowerShell Scripts.
  ☆26Updated 2 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Updated last week
• elementalsouls / DumpLSASS
  ☆33Updated last year
• kacos2000 / Prefetch-Browser
  Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's
  ☆62Updated 11 months ago
• stuxnet999 / EventTranscriptParser
  Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)
  ☆66Updated 2 years ago
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆25Updated last year
• curated-intel / MOVEit-Transfer
  A repository for tracking events related to the MOVEit Transfer Cl0p Campaign
  ☆71Updated 2 years ago
• stuxnet999 / volatility-binaries
  Contains compiled binaries of Volatility
  ☆37Updated 6 months ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆73Updated 4 months ago
• McL0vinn / Windows-Forensic-Examination-and-Threat-Hunting
  Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…
  ☆13Updated 3 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆106Updated last year
• sandmaxprime / VagrantMalwareWin10VM
  Vagrant Files to create a Virtualbox VM for Malware Analysis
  ☆13Updated 4 years ago
• evild3ad / Get-MiniTimeline
  Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE
  ☆33Updated last year
• alwashali / detection-validation
  Detection rule validation
  ☆40Updated 2 years ago
• loganflook / PowerShell-Scripts
  Repo to hold my PowerShell Scripts
  ☆17Updated 3 years ago