AI-powered Windows Event Log analyzer that learns from your feedback. Uses Claude AI with RAG to detect suspicious activity, improve accuracy over time, and share learnings across your team. CLI and MCP server interfaces.
☆37 · Dec 18, 2025 · Updated 5 months ago
Alternatives and similar repositories for EventSight
Users that are interested in EventSight are comparing it to the libraries listed below.
- WordPress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE) ☆17 · Nov 24, 2023 · Updated 2 years ago
- Ludus roles to deploy ASR rules and MDI auditing settings ☆25 · Aug 5, 2025 · Updated 10 months ago
- Read PostgreSQL data files without credentials - forensics, data recovery, and security research tool ☆46 · Apr 14, 2026 · Updated 2 months ago
- Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall ☆136 · Dec 17, 2025 · Updated 5 months ago
- Analysis and detection engineering for the BlueHammer Windows Defender local privilege escalation vulnerability. This repo includes bug f… ☆92 · Apr 8, 2026 · Updated 2 months ago
- This C# tool sprays for admin access over the entire domain ☆90 · Dec 7, 2025 · Updated 6 months ago
- Small script that enumerates folders in the Windows Defender Exclusion List with no administrative privileges ☆27 · Nov 20, 2024 · Updated last year
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration ☆76 · Feb 5, 2026 · Updated 4 months ago
- CVE-2025-59501 POC code ☆26 · Nov 20, 2025 · Updated 6 months ago
- A lightweight command sandbox for Linux, secure-by-default, built on Landlock. ☆66 · Mar 19, 2026 · Updated 2 months ago
- Some security by obscurity using port-jumping. ☆14 · Aug 21, 2025 · Updated 9 months ago
- Collection of Beacon Object Files (Cobalt Strike) ☆12 · Jan 21, 2023 · Updated 3 years ago
- Surgical UNWIND_INFO preservation for sleep masking without call stack spoofing. ☆54 · Mar 30, 2026 · Updated 2 months ago
- Set of PoCs to abuse Windows minifilter functionality ☆86 · May 1, 2026 · Updated last month
- Repo to hold MCP server for Velociraptor ☆39 · Apr 15, 2026 · Updated 2 months ago
- The code in this repository extracts the shellcode from the maldoc. ☆10 · Jul 17, 2023 · Updated 2 years ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner) ☆13 · Dec 1, 2025 · Updated 6 months ago
- Cobalt Strike Beacon Object File to change the user's desktop wallpaper ☆17 · Sep 15, 2023 · Updated 2 years ago
- POC tool to abuse Windows Server failover clusters ☆56 · Aug 7, 2025 · Updated 10 months ago
- Comprehensive adversary emulation tool for security testing on Google Cloud Platform (GCP) environments. ☆14 · Jun 14, 2024 · Updated 2 years ago
- Slides and resources from MCTTP 2025 Talk ☆70 · Oct 26, 2025 · Updated 7 months ago
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters ☆11 · Feb 27, 2026 · Updated 3 months ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on a remote computer ☆18 · Mar 4, 2023 · Updated 3 years ago
- A fast, deterministic, non-cryptographic hash for use in hash tables for Rust ☆15 · Jan 12, 2021 · Updated 5 years ago
- Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract text… ☆12 · Jun 1, 2026 · Updated 2 weeks ago
- ☆14 · Jul 26, 2025 · Updated 10 months ago
- ☆14 · Jan 7, 2022 · Updated 4 years ago
- Currently proof-of-concept ☆17 · Dec 17, 2021 · Updated 4 years ago
- Proof-of-Concept for Authorization Bypass in Next.js Middleware ☆19 · Mar 23, 2025 · Updated last year
- Payload Generation Workflow ☆41 · Jul 18, 2025 · Updated 10 months ago
- This is a PowerShell module to help implement the AD Tier Model ☆17 · Feb 17, 2026 · Updated 3 months ago
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph ☆26 · Aug 2, 2025 · Updated 10 months ago
- ☆19 · Aug 26, 2020 · Updated 5 years ago
- An Arduino board configuration for a Nano clone with an ATmega328PB incl. Bootloader ☆11 · Aug 12, 2020 · Updated 5 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols. ☆24 · Apr 27, 2026 · Updated last month
- Tools for Incident Response and Malware Analysis ☆11 · Feb 9, 2025 · Updated last year
- ☆29 · Jan 19, 2026 · Updated 4 months ago
- Exploits Unauth Docker API ☆45 · Apr 18, 2025 · Updated last year
- Opengraph-Compatible JSON Generator for BloodHound ☆29 · Mar 30, 2026 · Updated 2 months ago