epagneul: Graph Visualization for Windows event logs
(☆242, Jan 15, 2025, updated last year)
Alternatives and similar repositories for epagneul
Users that are interested in epagneul are comparing it to the libraries listed below
- APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset to detect APT movements hidden in the … (☆1,402, Nov 7, 2024, updated last year)
- Search-Scan-Save-Notify (☆11, May 12, 2025, updated 9 months ago)
- Threat hunting tool about Sysmon and graphs (☆337, May 28, 2023, updated 2 years ago)
- (no description) (☆100, Nov 10, 2021, updated 4 years ago)
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs (☆786, Feb 22, 2026, updated last week)
- Forensic imaging quickstarts! (☆13, Aug 12, 2022, updated 3 years ago)
- A Python script that gathers all valid IP addresses from all text files in a directory and checks them against the Whois database, TOR rel… (☆29, Jun 27, 2022, updated 3 years ago)
- Incident Response - fast suspicious file finder (☆249, Jan 24, 2026, updated last month)
- (no description) (☆252, Sep 28, 2023, updated 2 years ago)
- Supporting material for the "Hunting Bugs In The Tropics" DEFCON 30 talk (☆10, Aug 18, 2022, updated 3 years ago)
- WELA (Windows Event Log Analyzer): the Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ) (☆779, Feb 3, 2023, updated 3 years ago)
- MrKaplan is a tool aimed at helping red teamers stay hidden by clearing evidence of execution. (☆270, Sep 26, 2023, updated 2 years ago)
- A C# tool with more flexibility to customize scheduled tasks for both persistence and lateral movement in red team operations (☆345, Jan 22, 2025, updated last year)
- Hunts out CobaltStrike beacons and logs operator command output (☆950, Sep 4, 2024, updated last year)
- (no description) (☆198, Mar 19, 2020, updated 5 years ago)
- A project created with the aim of emulating and testing exfiltration of data over different network protocols. (☆31, Mar 21, 2023, updated 2 years ago)
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. (☆3,037, Feb 24, 2026, updated last week)
- 🚪 Quick & dirty WordPress command execution shell (☆66, Jan 24, 2022, updated 4 years ago)
- An extensible, end-to-end encrypted reverse shell that works across networks without port forwarding. (☆98, Sep 28, 2025, updated 5 months ago)
- Cmdlets for capturing Windows Events (☆14, Mar 11, 2022, updated 3 years ago)
- Set of mind maps providing a detailed overview of the different #Microsoft auditing capabilities for Windows, Exchange, Azure, ... (☆1,088, Nov 8, 2025, updated 3 months ago)
- Investigate malicious Windows logons by visualizing and analyzing Windows event logs (☆3,136, Oct 19, 2025, updated 4 months ago)
- This project is a SIEM with SIRP and threat intel, all in one. (☆461, Nov 20, 2024, updated last year)
- SysmonX - an augmented drop-in replacement for Sysmon (☆216, Sep 17, 2019, updated 6 years ago)
- Finding all things on-prem Microsoft for password spraying and enumeration. (☆257, May 17, 2022, updated 3 years ago)
- WMEye is a post-exploitation tool that uses WMI Event Filters and MSBuild execution for lateral movement (☆369, Dec 24, 2021, updated 4 years ago)
- XLL phishing tradecraft (☆440, May 24, 2022, updated 3 years ago)
- (no description) (☆15, Jan 26, 2023, updated 3 years ago)
- Client-side prototype pollution vulnerability scanner (☆46, Aug 23, 2021, updated 4 years ago)
- Lupo - Malware IOC Extractor. Debugging module for malware analysis automation (☆103, May 11, 2022, updated 3 years ago)
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. (☆612, Dec 8, 2025, updated 2 months ago)
- PowerShell script that aims to help uncover (eventual) persistence mechanisms deployed by a threat actor following an Active Directory … (☆98, Jan 13, 2026, updated last month)
- Persistence by writing/reading shellcode from the Event Log (☆379, May 27, 2022, updated 3 years ago)
- Open dataset of Cobalt Strike Beacon metadata (2018-2022) (☆133, Mar 28, 2022, updated 3 years ago)
- A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQL… (☆82, Mar 25, 2024, updated last year)
- Windows Oracle Database Attack Toolkit (☆80, Jul 30, 2022, updated 3 years ago)
- mip22 is an advanced phishing tool (☆664, Jul 31, 2024, updated last year)
- An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers. (☆513, Apr 15, 2023, updated 2 years ago)
- Artifact collection tool for *nix systems (☆212, Mar 20, 2024, updated last year)