georgi-i / winevt_logs_analysis
Searching .evtx logs for remote connections
☆23Updated last year
Alternatives and similar repositories for winevt_logs_analysis:
Users that are interested in winevt_logs_analysis are comparing it to the libraries listed below
- CIS Benchmark testing of Windows SIEM configuration☆44Updated last year
- Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082☆25Updated 2 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆49Updated 3 years ago
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Updated 2 years ago
- ☆21Updated last year
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆36Updated 5 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆31Updated 2 years ago
- SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…☆47Updated 4 years ago
- ☆18Updated last year
- Log converter from CS log to Ghostwriter CSV☆29Updated 4 years ago
- Red Teaming & Active Directory Cheat Sheet.☆40Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆16Updated 2 years ago
- Active DIrectory Lab for Pentesting Practice☆24Updated 2 years ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆23Updated 2 years ago
- Execute embedded Mimikatz☆13Updated 3 years ago
- A script used to query the dehashed API and filter for more useful results☆15Updated 3 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 3 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- Web access logs analyzer - provides an insight on how remote hosts behave☆15Updated 3 years ago
- Analyzing AD domains for security risks related to user accounts☆63Updated 2 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.☆26Updated 2 years ago
- A basic proxylogon scanner☆27Updated 3 years ago
- Socks proxy server using powershell. Supports local and reverse connections for pivoting.☆11Updated 4 years ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Updated last year
- Azure pentesting reference for Altered Security Lab☆24Updated 3 years ago
- Pwnage☆16Updated 2 months ago