Alternatives and similar repositories for EventLogExpert

Users that are interested in EventLogExpert are comparing it to the libraries listed below

• jkerai1 / SoftwareCertificates
  Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC
  ☆50Updated this week
• AaronMargosis / Aaron-Margosis-SysNocturnals-Tools
  A set of troubleshooting, diagnostic, and information utilities (and useful scripts) for Windows
  ☆67Updated 2 months ago
• EvotecIT / VirusTotalAnalyzer
  PowerShell module that intearacts with the VirusTotal service using a VirusTotal API (free)
  ☆73Updated last month
• Harvester57 / Security-ADMX
  Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
  ☆89Updated this week
• ydkhatri / OneDrive
  OneDrive log .ODL reader
  ☆152Updated last year
• MicrosoftDocs / defender-docs
  ☆100Updated this week
• reprise99 / 4688-sysmon
  ☆61Updated 2 years ago
• MicrosoftDocs / WDAC-Toolkit
  Documentation and tools to access Windows Defender Application Control (WDAC) technology.
  ☆244Updated 2 months ago
• EvotecIT / PasswordSolution
  This module allows the creation of password expiry emails for users, managers, administrators, and security according to defined template…
  ☆157Updated 6 months ago
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆557Updated 3 weeks ago
• LearningKijo / MDEtester
  MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.
  ☆191Updated last year
• mttaggart / venture
  Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs
  ☆91Updated 9 months ago
• Beercow / OneDriveExplorer
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆220Updated last week
• reprise99 / kql-for-dfir
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆117Updated 3 years ago
• Azure / MDTI-Solutions
  Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
  ☆78Updated last year
• EricZimmerman / Get-ZimmermanTools
  Get all my software
  ☆177Updated 5 months ago
• AaronMargosis / Aaron-Margosis-SysNocturnals-Extras
  Restoring some of my older tools to the web
  ☆11Updated last year
• merill / microsoft-info
  Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
  ☆164Updated last week
• Devolutions / devolutions-labs
  Self-contained Hyper-V Active Directory Lab Environment
  ☆60Updated 2 weeks ago
• THEVER1TAS / sysmon-config
  Sysmon configuration file templates with advanced event tracing and blocking
  ☆40Updated 2 months ago
• strozfriedberg / sidr
  Search Index Database Reporter
  ☆124Updated 2 weeks ago
• cyberphor / Soap
  A PowerShell module for incident response and threat hunting.
  ☆37Updated last year
• nicolonsky / ITDR
  Collection of Microsoft Identity Threat Detection and Response resources.
  ☆49Updated 2 weeks ago
• PwC-IR / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆264Updated 3 years ago
• microsoft / KqlTools
  A command line tool to explore real-time streams of events.
  ☆87Updated 9 months ago
• EZToolsManuals / EZToolsManuals
  A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub
  ☆85Updated 3 months ago
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆156Updated last year
• JeffMichelmore / MDEKit
  ☆41Updated 2 years ago
• atlantsecurity / windows-hardening-scripts
  Windows 10/11 hardening scripts
  ☆263Updated 2 months ago
• CompassSecurity / EntraFalcon
  A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged object…
  ☆277Updated last month