Alternatives and similar repositories for winevt:

Users that are interested in winevt are comparing it to the libraries listed below

• libyal / libvshadow
  Library and tools to access the Volume Shadow Snapshot (VSS) format
  ☆111Updated 8 months ago
• dgunter / evtxtoelk
  A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
  ☆116Updated 4 years ago
• realparisi / WMI_Monitor
  Log newly created WMI consumers and processes to the Windows Application event log
  ☆124Updated 7 years ago
• williballenthin / python-evt
  Pure Python parser for classic Windows Event Log files (.evt)
  ☆50Updated last year
• DCSO / MISP-dockerized
  ☆33Updated 5 years ago
• certsocietegenerale / fame_modules
  Community modules for FAME
  ☆65Updated 3 months ago
• Neo23x0 / sysmon-version-history
  An Inofficial Sysmon Version History (Change Log)
  ☆32Updated 4 years ago
• brakmic / Sinkholes
  Malware Sinkhole List in various formats
  ☆103Updated 2 years ago
• joesecurity / awesome-malware-analysis
  A curated list of awesome malware analysis tools and resources
  ☆21Updated 7 years ago
• tenable / yara-rules
  Repository of yara rules
  ☆60Updated 2 years ago
• InQuest / sandboxapi
  Minimal, consistent Python API for building integrations with malware sandboxes.
  ☆138Updated last year
• RUB-NDS / MS-RMS-Attacks
  Breaking the security of Microsoft's RMS
  ☆54Updated 5 years ago
• idiom / pftriage
  Python tool and library to help analyze files during malware triage and analysis.
  ☆78Updated 4 years ago
• MotiBa / Sysmon
  Sysmon configuration
  ☆65Updated 6 years ago
• IllusiveNetworks-Labs / HistoricProcessTree
  An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…
  ☆60Updated 7 years ago
• hatching / sflock
  Sample staging & detonation utility to be used in combination with Cuckoo Sandbox.
  ☆83Updated last year
• williballenthin / python-ntfs
  Open source Python library for NTFS analysis
  ☆80Updated 7 years ago
• MISP / PyMISPWarningLists
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆33Updated 3 months ago
• Yara-Rules / yara-endpoint
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆109Updated 7 years ago
• plyara / plyara
  Parse YARA rules and operate over them more easily.
  ☆187Updated 3 months ago
• libyal / libevtx
  Library and tools to access the Windows XML Event Log (EVTX) format
  ☆200Updated 7 months ago
• salesforce / bro-sysmon
  How to Zeek Sysmon Logs!
  ☆101Updated 3 years ago
• YahooArchive / PyIOCe
  Python IOC Editor
  ☆63Updated 10 years ago
• Silv3rHorn / ArtifactExtractor
  Extract common Windows artifacts from source images and VSCs
  ☆65Updated 4 years ago
• rjhansen / nsrllookup
  Checks with NSRL RDS servers looking for for hash matches
  ☆114Updated 4 years ago
• certtools / malware_name_mapping
  A mapping of used malware names to commonly known family names
  ☆62Updated 2 years ago
• CIRCL / PyPDNS
  Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.
  ☆81Updated last month
• tribalchicken / postfix-cuckoolyse
  A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox
  ☆11Updated 9 years ago
• reed1713 / ELAT
  Event Log Analysis Tools
  ☆29Updated 8 years ago
• scudette / memory-analysis
  A Rekall interactive document for a Memory Analysis workshop/course.
  ☆43Updated 8 years ago