Parse evtx files and detect use of the DanderSpritz eventlogedit module
☆151Dec 15, 2017Updated 8 years ago
Alternatives and similar repositories for danderspritz-evtx
Users that are interested in danderspritz-evtx are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Publicly shareable windows event log message data☆29Nov 29, 2019Updated 6 years ago
- Various scrips☆12Oct 19, 2022Updated 3 years ago
- Remove individual lines from Windows XML Event Log (EVTX) files☆273Apr 17, 2021Updated 5 years ago
- Server for receiving autorun data from the clients☆13Sep 26, 2017Updated 8 years ago
- Library and tools to access the Windows XML Event Log (EVTX) format☆237Updated this week
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Python script to decode common encoded PowerShell scripts☆216Jun 13, 2018Updated 7 years ago
- ☆434May 3, 2023Updated 3 years ago
- Pure Python parser for Windows Event Log files (.evtx)☆771Mar 19, 2026Updated 2 months ago
- ☆152Jun 5, 2024Updated 2 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.☆21Mar 12, 2019Updated 7 years ago
- A modern Python-3-based alternative to RegRipper☆215May 12, 2026Updated 3 weeks ago
- EVTXtract recovers and reconstructs fragments of EVTX log files from raw binary data, including unallocated space and memory images.☆211Mar 12, 2025Updated last year
- Fix acquired .evt - Windows Event Log files (Forensics)☆18Mar 29, 2016Updated 10 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆108Jul 2, 2017Updated 8 years ago
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆110Jan 26, 2021Updated 5 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,435Nov 16, 2023Updated 2 years ago
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack☆16Jan 6, 2021Updated 5 years ago
- ☆12Jun 29, 2021Updated 4 years ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆118Apr 27, 2026Updated last month
- Git for me to put all my forensics stuff☆23Sep 2, 2025Updated 9 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Reconstruct process trees from event logs☆148Aug 12, 2020Updated 5 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆118Jan 26, 2022Updated 4 years ago
- A Windows Event Processing Utility☆47Feb 21, 2018Updated 8 years ago
- Investigate malicious Windows logon by visualizing and analyzing Windows event log☆3,178Apr 22, 2026Updated last month
- The goal of this project is to examine, reverse, and document the different modules available in the Equation Group's DanderSpritz post-e…☆334Jun 23, 2018Updated 7 years ago
- A lightweight tool to load Windows Event Log evtx files into Elasticsearch.☆119Nov 6, 2020Updated 5 years ago
- Registry Explorer bookmark definitions☆45Dec 19, 2024Updated last year
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Binary commandline executable to parse ETL files☆69Jun 7, 2018Updated 8 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- PowerShell Script to Dump Windows Credentials from the Credential Manager☆734Dec 12, 2017Updated 8 years ago
- Lazy Office Analyzer☆121Feb 15, 2017Updated 9 years ago
- Attacking and defending web and VPN session hijacking in Pulse Secure Connect☆14Oct 24, 2019Updated 6 years ago
- RDP Bitmap Cache parser☆664Apr 27, 2026Updated last month
- ☆314Aug 14, 2020Updated 5 years ago
- A fully functional DanderSpritz lab in 2 commands☆451May 16, 2019Updated 7 years ago
- ☆520Jan 26, 2021Updated 5 years ago