microsoft / EventLogExpert
☆184 · Updated 3 weeks ago
Alternatives and similar repositories for EventLogExpert
Users that are interested in EventLogExpert are comparing it to the libraries listed below
- A set of troubleshooting, diagnostic, and information utilities for Windows ☆56 · Updated last month
- (no description) ☆62 · Updated last year
- PowerShell module that interacts with the VirusTotal service using a VirusTotal API (free) ☆55 · Updated 4 months ago
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC ☆39 · Updated this week
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily ☆130 · Updated last week
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product ☆79 · Updated 8 months ago
- Custom ADMX template focused on hardening Windows 10 & Windows 11 systems ☆82 · Updated this week
- http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html ☆122 · Updated 9 months ago
- Self-contained Hyper-V Active Directory Lab Environment ☆58 · Updated this week
- This module allows the creation of password expiry emails for users, managers, administrators, and security according to defined template… ☆149 · Updated 3 weeks ago
- (no description) ☆201 · Updated 6 months ago
- OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a… ☆194 · Updated 3 months ago
- Sysmon configuration file templates with advanced event tracing and blocking ☆40 · Updated 3 weeks ago
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices. ☆102 · Updated 8 months ago
- A guide to using Azure Data Explorer and KQL for DFIR ☆102 · Updated 2 years ago
- (no description) ☆70 · Updated this week
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆103 · Updated 7 months ago
- This is an advanced KQL blog series and book ☆112 · Updated 2 weeks ago
- A tiny tool built to find and fix common misconfigurations in Active Directory-integrated DNS ☆113 · Updated 3 months ago
- C# based evtx parser with lots of extras ☆303 · Updated 3 weeks ago
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID ☆460 · Updated 2 weeks ago
- Collection of Microsoft Identity Threat Detection and Response resources. ☆44 · Updated last week
- MDE relies on some of the Audit settings to be enabled ☆97 · Updated 2 years ago
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) ☆263 · Updated 3 years ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE) ☆189 · Updated 2 years ago
- Sample queries for Advanced hunting in Microsoft Defender ATP ☆37 · Updated 3 years ago
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint. ☆188 · Updated last year
- Restoring some old tools to the web ☆11 · Updated 6 months ago
- Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs ☆83 · Updated 3 months ago
- VirtualGHOST Detection Tool ☆91 · Updated 11 months ago