airbus-cert/Splunk-ETW external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

airbus-cert/Splunk-ETW

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/airbus-cert/Splunk-ETW)

Close

airbus-cert / Splunk-ETWView on GitHubMore

• External links
• Readme badge

A Splunk Technology Add-on to forward filtered ETW events.

☆30Oct 14, 2020Updated 5 years ago

Alternatives and similar repositories for Splunk-ETW

Users that are interested in Splunk-ETW are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• wightsci / MessageTableReader

  View on GitHub
  Read Windows message table entries.
  ☆11Feb 5, 2023Updated 3 years ago
• airbus-cert / PSTrace

  View on GitHub
  Trace ScriptBlock execution for powershell v2
  ☆40Jan 14, 2020Updated 6 years ago
• xameco-be / pfaudit

  View on GitHub
  pfSense Configuration Auditing Script
  ☆13Dec 14, 2020Updated 5 years ago
• DissectMalware / ClipboardWatcher

  View on GitHub
  Monitor the textual data pasted into Windows clipboard
  ☆29Nov 4, 2018Updated 7 years ago
• d3sre / Use_Case_Applicability

  View on GitHub
  Security Monitoring Resolution Categories
  ☆137Nov 25, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• airbus-cert / Winshark

  View on GitHub
  A wireshark plugin to instrument ETW
  ☆580Jan 28, 2022Updated 4 years ago
• ANSSI-FR / WAAD

  View on GitHub
  Détection d'anomalie à partir des journaux d'authentification Windows
  ☆18Apr 16, 2021Updated 4 years ago
• certsocietegenerale / rAIdline

  View on GitHub
  IR drill plateform
  ☆23Jul 29, 2025Updated 7 months ago
• peterwintersmith / crystalaep

  View on GitHub
  Crystal Anti-Exploit Protection 2012
  ☆37May 31, 2020Updated 5 years ago
• sebmarchand / pyetw

  View on GitHub
  ☆13Apr 6, 2016Updated 9 years ago
• fatihsirin / Tweettioc-Splunk-App

  View on GitHub
  Tweettioc Splunk App
  ☆20Aug 25, 2020Updated 5 years ago
• slyd0g / LNKMod

  View on GitHub
  C# project to create or modify existing LNKs
  ☆54Oct 18, 2022Updated 3 years ago
• Beercow / DFIR_Toolbar

  View on GitHub
  ☆28Oct 15, 2025Updated 5 months ago
• netcoredor / openc2-cmdgen

  View on GitHub
  A Web Self Service Application for Generating OpenC2 Commands
  ☆10Sep 26, 2019Updated 6 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• jipegit / IRNotes

  View on GitHub
  Some IR notes
  ☆73Jul 23, 2016Updated 9 years ago
• airbus-cert / etl-parser

  View on GitHub
  Event Trace Log file parser in pure Python
  ☆150Nov 27, 2020Updated 5 years ago
• jipegit / IncidentsMindMaps

  View on GitHub
  Cybersecurity Incidents Mind Maps
  ☆34Sep 29, 2021Updated 4 years ago
• ANSSI-FR / orc2timeline

  View on GitHub
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Jun 27, 2025Updated 8 months ago
• Manticore-Platform / manticore-cli

  View on GitHub
  Manticore Adversary Emulation Cli
  ☆47Aug 4, 2020Updated 5 years ago
• DFIR-ORC / dfir-orc

  View on GitHub
  Forensics artefact collection tool for systems running Microsoft Windows
  ☆434Mar 26, 2025Updated last year
• paranoidninja / Cobaltstrike-Detection

  View on GitHub
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Oct 12, 2023Updated 2 years ago
• airbus-cert / regrippy

  View on GitHub
  A modern Python-3-based alternative to RegRipper
  ☆212Mar 31, 2025Updated 11 months ago
• 4n6ist / usn_analytics

  View on GitHub
  It's not just UsnJrnl (USN Journal Records/Change Journal Records) parser.
  ☆23Nov 11, 2018Updated 7 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• mattifestation / WindowsEventLogMetadata

  View on GitHub
  Event metadata collected across all manifest-based ETW providers on Window 10 1903
  ☆32Nov 25, 2019Updated 6 years ago
• DFIR-ORC / dfir-orc-config

  View on GitHub
  Configurations for DFIR ORC
  ☆28Mar 28, 2024Updated last year
• certsocietegenerale / NotifySecurity

  View on GitHub
  Outlook add-in companion to report suspicious mail easily
  ☆133Sep 1, 2022Updated 3 years ago
• thalium / WinDbgFastObj

  View on GitHub
  ☆21Jun 3, 2021Updated 4 years ago
• vortessence / vortessence

  View on GitHub
  Automated memory forensics analysis
  ☆32Aug 20, 2019Updated 6 years ago
• felixe / idsEventGenerator

  View on GitHub
  aka GENESIDS: Reads and parses rules using a "snort like" syntax and generates and sends packets that trigger events in signature based I…
  ☆23Nov 9, 2018Updated 7 years ago
• Harvester57 / CodeIntegrity-DriverBlocklist

  View on GitHub
  ☆20May 30, 2025Updated 9 months ago
• Manticore-Platform / ransomware-emulation

  View on GitHub
  Manticore Ransomware Emulation - Educational Purpose Only!
  ☆10Aug 2, 2020Updated 5 years ago
• Beercow / SEPparser

  View on GitHub
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆65Dec 21, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• jonny-jhnson / TelemetrySource

  View on GitHub
  ☆262May 9, 2024Updated last year
• anelshaer / Remote-Linux-Triage-Collection-using-OSquery

  View on GitHub
  Remotely collect linux live forensics artifacts.
  ☆14Jul 8, 2022Updated 3 years ago
• cado-security / varc

  View on GitHub
  Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…
  ☆254Nov 18, 2024Updated last year
• libyal / winevt-kb

  View on GitHub
  Windows Event Log Knowledge Base
  ☆31Dec 23, 2025Updated 3 months ago
• jonny-jhnson / PowerParse

  View on GitHub
  PowerShell PE Parser
  ☆63Jun 28, 2024Updated last year
• NVISOsecurity / sigma-public

  View on GitHub
  Generic Signature Format for SIEM Systems
  ☆18Jul 25, 2023Updated 2 years ago
• 3CORESec / S2AN

  View on GitHub
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆91Dec 8, 2022Updated 3 years ago