certsocietegenerale / event2timelineView external linksLinks
Simple Microsoft Windows sessions event logs visualization
☆156May 2, 2022Updated 3 years ago
Alternatives and similar repositories for event2timeline
Users that are interested in event2timeline are comparing it to the libraries listed below
Sorting:
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- VMware Snapshot Forensic Comparison Scripts☆25Mar 19, 2013Updated 12 years ago
- Python script for extracting USB information from Windows registry hives☆128Aug 14, 2019Updated 6 years ago
- Discover potential timestamps within the Windows Registry☆19Apr 22, 2014Updated 11 years ago
- Fast Incident Response☆1,988Updated this week
- An updated C# port of X-Ways X-Tensions API.☆11Mar 12, 2018Updated 7 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Some IR notes☆73Jul 23, 2016Updated 9 years ago
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- MacOS incident Response Toolkit. Mostly written while stuck on a NJTransit train.☆20Feb 20, 2020Updated 5 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 7 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- An informational repo about hunting for adversaries in your IT environment.☆14Apr 10, 2017Updated 8 years ago
- Tools from WFA 4/e, timeline tools, etc.☆145Feb 29, 2024Updated last year
- LNK to JSON☆14Mar 7, 2019Updated 6 years ago
- Unpack MIME attachments from a file and check them against virustotal.com☆44Mar 11, 2016Updated 9 years ago
- Decode security descriptors in $Secure on NTFS☆22Feb 24, 2022Updated 3 years ago
- The Auditd Framework logs and applies security policy to linux auditd data☆15Jan 26, 2018Updated 8 years ago
- Parser for Sdba memory pool tags☆21Jul 16, 2021Updated 4 years ago
- A modern Python-3-based alternative to RegRipper☆204Mar 31, 2025Updated 10 months ago
- Reconstruct process trees from event logs☆147Aug 12, 2020Updated 5 years ago
- Incident Response Methodologies☆1,018Aug 2, 2018Updated 7 years ago
- ☆519Jan 26, 2021Updated 5 years ago
- A DFVFS Backed Forensic Viewer☆42Apr 13, 2020Updated 5 years ago
- Parse Windows Prefetch files: Supports XP - Windows 10 Prefetch files☆122May 29, 2024Updated last year
- Yet another registry parser☆138Apr 15, 2022Updated 3 years ago
- Queries to parse sysmon event log file with microsoft logparser☆58Mar 31, 2015Updated 10 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆937Dec 12, 2023Updated 2 years ago
- Maltego Transform to put entities into MISP events☆28Jul 24, 2021Updated 4 years ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆196Feb 16, 2023Updated 3 years ago
- ☆432May 3, 2023Updated 2 years ago
- Outlook add-in companion to report suspicious mail easily☆133Sep 1, 2022Updated 3 years ago
- My Year of Python Repository☆28Jun 13, 2020Updated 5 years ago
- Evtx Log (xml) Browser☆56Mar 12, 2023Updated 2 years ago
- "Evolving AppCompat/AmCache data analysis beyond grep"☆209Sep 15, 2021Updated 4 years ago
- Library of threat hunts to get any user started!☆48Sep 4, 2020Updated 5 years ago
- Windows Live Artifacts Acquisition Script☆190Jun 20, 2022Updated 3 years ago
- A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.☆734Jun 5, 2025Updated 8 months ago