Alternatives and similar repositories for EventLogExpert

Users that are interested in EventLogExpert are comparing it to the libraries listed below

• ydkhatri / OneDrive
  OneDrive log .ODL reader
  ☆156Updated last year
• jkerai1 / SoftwareCertificates
  Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC
  ☆64Updated this week
• AaronMargosis / Aaron-Margosis-SysNocturnals-Tools
  A set of troubleshooting, diagnostic, and information utilities (and useful scripts) for Windows
  ☆67Updated 5 months ago
• EvotecIT / VirusTotalAnalyzer
  PowerShell module that intearacts with the VirusTotal service using a VirusTotal API (free)
  ☆77Updated 3 weeks ago
• Harvester57 / Security-ADMX
  Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
  ☆91Updated this week
• MicrosoftDocs / WDAC-Toolkit
  Documentation and tools to access Windows Defender Application Control (WDAC) technology.
  ☆251Updated last week
• MicrosoftDocs / defender-docs
  ☆111Updated this week
• cyberphor / Soap
  A PowerShell module for incident response and threat hunting.
  ☆38Updated last year
• THEVER1TAS / sysmon-config
  Sysmon configuration file templates with advanced event tracing and blocking
  ☆41Updated 3 weeks ago
• EvotecIT / PasswordSolution
  This module allows the creation of password expiry emails for users, managers, administrators, and security according to defined template…
  ☆157Updated 9 months ago
• merill / microsoft-info
  Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
  ☆202Updated last week
• EricZimmerman / JLECmd
  Automatic and Custom Destinations jump list parser with Windows 10 support
  ☆115Updated 4 months ago
• microsoft / mstic
  Microsoft Threat Intelligence
  ☆204Updated this week
• Beercow / OneDriveExplorer
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆226Updated last month
• microsoft / KqlTools
  A command line tool to explore real-time streams of events.
  ☆89Updated 11 months ago
• reprise99 / 4688-sysmon
  ☆61Updated 2 years ago
• Azure / MDTI-Solutions
  Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
  ☆79Updated last year
• kacos2000 / WindowsTimeline
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆196Updated 2 years ago
• moaistory / WinSearchDBAnalyzer
  http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html
  ☆127Updated last year
• reprise99 / kql-for-dfir
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆124Updated 3 years ago
• strozfriedberg / sidr
  Search Index Database Reporter
  ☆130Updated 3 months ago
• nicolonsky / ITDR
  Collection of Microsoft Identity Threat Detection and Response resources.
  ☆51Updated this week
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆573Updated 2 months ago
• LearningKijo / MDEtester
  MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.
  ☆193Updated last year
• mttaggart / venture
  Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs
  ☆91Updated last year
• PwC-IR / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆266Updated 4 years ago
• CompliantSec / M365SAT
  Microsoft 365 Security Assessment Tool - A Easy-To-Use Microsoft 365 Security Assessment Tool
  ☆170Updated 9 months ago
• EricZimmerman / evtx
  C# based evtx parser with lots of extras
  ☆340Updated 5 months ago
• YongRhee-MDE / LiveResponse
  M365 MDATP Live Response sample scripts
  ☆82Updated last year
• przybylskirobert / ADSecurity
  Place where I'm putting all the scripts and config files regarding Active Directory Security.
  ☆105Updated last year