AI-powered Windows Event Log analyzer that learns from your feedback. Uses Claude AI with RAG to detect suspicious activity, improve accuracy over time, and share learnings across your team. CLI and MCP server interfaces.
☆37Dec 18, 2025Updated 6 months ago
Alternatives and similar repositories for EventSight
Users that are interested in EventSight are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)☆17Nov 24, 2023Updated 2 years ago
- Stealthy In-Memory Local Password Harvester (SILPH) tool: dump LSA, SAM and DCC2 with indirect syscall☆136Dec 17, 2025Updated 6 months ago
- Analysis and detection engineering for the BlueHammer Windows Defender local privilege escalation vulnerability. This repo includes bug f…☆94Apr 8, 2026Updated 2 months ago
- This C# tool sprays for admin access over the entire domain☆89Dec 7, 2025Updated 6 months ago
- Small Script that permits to enumerate folders in Windows Defender Exclusion List with no Administrative privileges☆27Nov 20, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Rust / C Cross Compilation with Bazel☆11Jan 7, 2025Updated last year
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration☆79Feb 5, 2026Updated 5 months ago
- CVE-2025-59501 POC code☆26Nov 20, 2025Updated 7 months ago
- A lightweight command sandbox for Linux, secure-by-default, built on Landlock.☆66Mar 19, 2026Updated 3 months ago
- Some security by obscurity using port-jumping.☆14Updated this week
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆24Nov 23, 2022Updated 3 years ago
- Surgical UNWIND_INFO preservation for sleep masking without call stack spoofing.☆55Mar 30, 2026Updated 3 months ago
- Repo to hold mcp server for velociraptor☆39Apr 15, 2026Updated 2 months ago
- The code in this repository which function is to extract the shellcode from the maldoc.☆10Jul 17, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Updated this week
- A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.☆164Updated this week
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- POC tool to abuse windows server failover clusters☆58Aug 7, 2025Updated 10 months ago
- Comprehensive adversary emulation tool for security testing on Google Cloud Platform (GCP) environments.☆14Jun 14, 2024Updated 2 years ago
- Slides and resources from MCTTP 2025 Talk☆70Oct 26, 2025Updated 8 months ago
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters☆13Feb 27, 2026Updated 4 months ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆18Mar 4, 2023Updated 3 years ago
- A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.☆15May 28, 2019Updated 7 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Chromium Cookie import / export tool☆11Jul 21, 2024Updated last year
- Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract text…☆12Jun 1, 2026Updated last month
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆71Dec 25, 2025Updated 6 months ago
- ☆14Jul 26, 2025Updated 11 months ago
- Currently proof-of-concept☆17Dec 17, 2021Updated 4 years ago
- Python CLI covering the FileScan.IO API - enabling automatic interaction with www.filescan.io or private instances☆21Jul 15, 2025Updated 11 months ago
- Payload Generation Workflow☆41Jul 18, 2025Updated 11 months ago
- A python library for runtime validation and type checking of python values.☆10Aug 11, 2022Updated 3 years ago
- This is a powershell module to help implement the AD Tier Model☆17Feb 17, 2026Updated 4 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆26Aug 2, 2025Updated 11 months ago
- ☆19Aug 26, 2020Updated 5 years ago
- These FLARE-VM configuration files are designed to be help setup a purpose-built installation, remove unnecessary packages to help stream…☆16Apr 10, 2024Updated 2 years ago
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆25Apr 27, 2026Updated 2 months ago
- Exploits Unauth Docker API☆45Apr 18, 2025Updated last year
- Tools for Incident Response and Malware Analysis☆11Feb 9, 2025Updated last year