Alternatives and similar repositories for EventLogExpert

Users that are interested in EventLogExpert are comparing it to the libraries listed below

• AaronMargosis / Aaron-Margosis-SysNocturnals-Tools
  A set of troubleshooting, diagnostic, and information utilities (and useful scripts) for Windows
  ☆67Updated 5 months ago
• Harvester57 / Security-ADMX
  Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
  ☆90Updated this week
• jkerai1 / SoftwareCertificates
  Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC
  ☆64Updated last week
• EvotecIT / VirusTotalAnalyzer
  PowerShell module that intearacts with the VirusTotal service using a VirusTotal API (free)
  ☆77Updated last week
• ydkhatri / OneDrive
  OneDrive log .ODL reader
  ☆155Updated last year
• MicrosoftDocs / defender-docs
  ☆110Updated last week
• MicrosoftDocs / WDAC-Toolkit
  Documentation and tools to access Windows Defender Application Control (WDAC) technology.
  ☆250Updated 2 weeks ago
• THEVER1TAS / sysmon-config
  Sysmon configuration file templates with advanced event tracing and blocking
  ☆41Updated 2 weeks ago
• reprise99 / 4688-sysmon
  ☆61Updated 2 years ago
• merill / microsoft-info
  Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily
  ☆199Updated 2 weeks ago
• Beercow / OneDriveExplorer
  OneDriveExplorer is a command line and GUI based application for reconstructing the folder structure of OneDrive from the <UserCid>.dat a…
  ☆225Updated 3 weeks ago
• EvotecIT / PasswordSolution
  This module allows the creation of password expiry emails for users, managers, administrators, and security according to defined template…
  ☆157Updated 9 months ago
• cyberphor / Soap
  A PowerShell module for incident response and threat hunting.
  ☆38Updated last year
• kacos2000 / WindowsTimeline
  Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)
  ☆196Updated 2 years ago
• microsoft / KqlTools
  A command line tool to explore real-time streams of events.
  ☆89Updated 11 months ago
• moaistory / WinSearchDBAnalyzer
  http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html
  ☆127Updated last year
• strozfriedberg / sidr
  Search Index Database Reporter
  ☆130Updated 3 months ago
• EricZimmerman / Get-ZimmermanTools
  Get all my software
  ☆185Updated 3 weeks ago
• reprise99 / kql-for-dfir
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆123Updated 3 years ago
• Azure / MDTI-Solutions
  Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product
  ☆79Updated last year
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆571Updated last month
• YongRhee-MDE / LiveResponse
  M365 MDATP Live Response sample scripts
  ☆82Updated last year
• microsoft / mstic
  Microsoft Threat Intelligence
  ☆204Updated last week
• LearningKijo / MDEtester
  MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.
  ☆193Updated last year
• alexverboon / WindowsDefenderATP-Hunting-Queries
  Sample queries for Advanced hunting in Microsoft Defender ATP
  ☆38Updated 4 years ago
• KnudsenMorten / ClientInspectorV2
  ClientInspectorV2 - Unleashing the power of Azure LogAnalytics, Azure Data Collection Rules, Log Ingestion API by doing client inventory …
  ☆25Updated 2 years ago
• f-bader / SentinelARConverter
  Sentinel Analytics Rule converter PowerShell module
  ☆66Updated last month
• mttaggart / venture
  Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs
  ☆91Updated last year
• le0li9ht / Microsoft-Sentinel-Queries
  KQL queries for cyber defense and for solving daily issues
  ☆54Updated 6 months ago
• msdirtbag / MDEAutomator
  PowerShell-based Automation of Defender for Endpoint
  ☆184Updated 6 months ago