Alternatives and similar repositories for evtx-toolkit:

Users that are interested in evtx-toolkit are comparing it to the libraries listed below

• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆41Updated 4 years ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• NVISOsecurity / nviso-cti
  ☆41Updated 9 months ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆53Updated 6 months ago
• intelforge / tmc
  Threat Mapping Catalogue
  ☆17Updated 3 years ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• mandiant / goauditparser
  ☆44Updated last year
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• DomainTools / DomainCAT
  Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations
  ☆43Updated 3 years ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆85Updated 2 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆50Updated 2 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• MISP / SkillAegis
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆22Updated last month
• NextronSystems / thor_attck
  THOR MITRE ATT&CK Framework Coverage
  ☆24Updated 4 years ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 2 years ago
• M3NIX / sigmaio
  simple webapp for converting sigma rules into siem queries using the pySigma library
  ☆47Updated last year
• olafhartong / sysmon-modular-linux
  A repository of Sysmon For Linux configuration modules
  ☆15Updated 3 years ago
• hxnoyd / ossem-power-up
  A tool to assess data quality, built on top of the awesome OSSEM.
  ☆76Updated 2 years ago
• nettitude / defensive-scripts
  Defence Against the Dark Arts
  ☆34Updated 5 years ago
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆52Updated 7 months ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• vadim-hunter / Threat-Hunters-KB
  Threat Hunter's Knowledge Base
  ☆22Updated 3 years ago
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated 2 years ago
• philhagen / for572-scripts
  A completely unsupported set of scripts used in SANS FOR572, Advanced Network Forensics and Analysis
  ☆25Updated last month