Alternatives and similar repositories for ETW-Almulahaza

Users that are interested in ETW-Almulahaza are comparing it to the libraries listed below

• rshipp / ir-triage-toolkit

  View on GitHub
  Create an incident response triage toolkit for use with Windows or Linux.
  ☆18Jun 14, 2020Updated 5 years ago
• CompassSecurity / Readinizer

  View on GitHub
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆16Dec 8, 2022Updated 3 years ago
• darkoperator / SysmonLinux.Util

  View on GitHub
  PowerShell Module for parsing logs generated by Sysinternals Sysmon for Linux
  ☆37Mar 20, 2022Updated 3 years ago
• abdesslem / malwareHunter

  View on GitHub
  Static and automated/dynamic malware analysis
  ☆47Sep 28, 2015Updated 10 years ago
• Polydet / polydet

  View on GitHub
  Polyglot detector
  ☆23Jun 5, 2025Updated 8 months ago
• MatthewClarkMay / fTriage

  View on GitHub
  Automating forensic data extraction, reduction, and overall triage of cold disk and memory images.
  ☆21Mar 12, 2019Updated 6 years ago
• repnz / rpcmon

  View on GitHub
  RPC Monitor based on The ETW Microsoft-Windows-Rpc provider
  ☆24Mar 22, 2020Updated 5 years ago
• xforcered / DayBird

  View on GitHub
  Extension functionality for the NightHawk operator client
  ☆26Oct 31, 2023Updated 2 years ago
• dhondta / AppmemDumper

  View on GitHub
  Forensics triage tool relying on Volatility and Foremost
  ☆25Dec 3, 2023Updated 2 years ago
• mgeeky / LISET

  View on GitHub
  Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…
  ☆32Aug 29, 2016Updated 9 years ago
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool

  View on GitHub
  Linux Baseline and Forensic Triage Tool - BETA
  ☆57Sep 8, 2022Updated 3 years ago
• RomaissaAdjailia / Get-AppLockerEventlog

  View on GitHub
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Aug 6, 2022Updated 3 years ago
• reprise99 / 4688-sysmon

  View on GitHub
  ☆61Jun 24, 2023Updated 2 years ago
• xme / cuckoomx

  View on GitHub
  CuckooMX is a project to automate analysis of files transmitted over SMTP (using the Cuckoo sandbox)
  ☆40Aug 2, 2012Updated 13 years ago
• defensivedepth / Pertinax

  View on GitHub
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Feb 20, 2024Updated last year
• nyaThoi / nEShit

  View on GitHub
  External Hack for Aura Kingdom TO
  ☆14Feb 17, 2023Updated 3 years ago
• tesssy123 / Fraud-Bible-

  View on GitHub
  Learn how to hack
  ☆12Aug 15, 2020Updated 5 years ago
• da4nyy / ANTIVIRUSxML

  View on GitHub
  File integrity monitor with malware detection using machine learning
  ☆14May 23, 2024Updated last year
• Reconnaishawnce / Red-Team

  View on GitHub
  Tools and Resources for Physical Security Red Teaming
  ☆46Nov 14, 2025Updated 3 months ago
• secgroundzero / ossem_modular

  View on GitHub
  OSSEM Modular
  ☆27Jun 29, 2020Updated 5 years ago
• sigmamale1980 / Multilang-fork-bombs

  View on GitHub
  Numerous fork bombs in popular programming langs ...
  ☆10May 25, 2017Updated 8 years ago
• sumeshi / evtx2es

  View on GitHub
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆86Jun 23, 2025Updated 7 months ago
• invoke-eric / jupyter

  View on GitHub
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Sep 14, 2023Updated 2 years ago
• fkie-cad / amides

  View on GitHub
  An Adaptive Misuse Detection System
  ☆46Nov 4, 2024Updated last year
• Retrospected / kerbmon

  View on GitHub
  Continuous kerberoast monitor
  ☆45Aug 24, 2023Updated 2 years ago
• alternat0r / training-basic-malware-analysis

  View on GitHub
  In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…
  ☆12May 25, 2016Updated 9 years ago
• Brandon-Everhart / Practical-Malware-Analysis

  View on GitHub
  Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honiq.
  ☆12Oct 28, 2017Updated 8 years ago
• AdamMOdell / OSINT-equals-star

  View on GitHub
  OSINT=*, Chrome extension that searches all the threat feeds
  ☆11Dec 5, 2021Updated 4 years ago
• makitos666 / MFT_Fast_Transcoder

  View on GitHub
  MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions.
  ☆12Feb 27, 2023Updated 2 years ago
• serializingme / gpo-bypass

  View on GitHub
  GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.
  ☆14Jan 28, 2023Updated 3 years ago
• cudeso / misp2defender

  View on GitHub
  MISP to Microsoft Defender integration
  ☆16Feb 6, 2026Updated last week
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆163Nov 25, 2025Updated 2 months ago
• blackberry / threat-research-and-intelligence

  View on GitHub
  BlackBerry Threat Research & Intelligence
  ☆100Oct 20, 2023Updated 2 years ago
• HuskyHacks / the-crown-defcon615

  View on GitHub
  Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
  ☆46Jan 23, 2022Updated 4 years ago
• Silv3rHorn / evtx2json

  View on GitHub
  evtx2json extracts events of interest from event logs, dedups them, and exports them to json.
  ☆41May 3, 2021Updated 4 years ago
• Intrinsec / mplog_parser

  View on GitHub
  This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses.
  ☆21Sep 30, 2022Updated 3 years ago
• AbdulRhmanAlfaifi / Rhaegal

  View on GitHub
  Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…
  ☆42Sep 21, 2023Updated 2 years ago
• mass-project / mass_server

  View on GitHub
  Malware Analysis and Storage System - Server repository
  ☆12Jul 15, 2022Updated 3 years ago
• AllsafeCyberSecurity / Ghidra_FIDB

  View on GitHub
  Function ID for Malware Analysis
  ☆13Jul 6, 2020Updated 5 years ago