mttaggart / ventureLinks
Venture: Cross-Platform GUI tool for parsing and analyzing Windows event logs
☆87Updated 5 months ago
Alternatives and similar repositories for venture
Users that are interested in venture are comparing it to the libraries listed below
Sorting:
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆107Updated 8 months ago
- ☆99Updated 3 months ago
- ☆61Updated 2 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆85Updated 4 months ago
- A tiny tool built to find and fix common misconfigurations in Active Directory-integrated DNS☆117Updated 5 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆89Updated 10 months ago
- A repository to share publicly available Velociraptor detection content☆173Updated this week
- A list of RMMs designed to be used in automation to build alerts☆111Updated 2 months ago
- Velociraptor Server hosted in Azure App Service☆55Updated 3 weeks ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆75Updated last week
- ☆72Updated 8 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999☆40Updated this week
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆107Updated 6 months ago
- ☆65Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆76Updated last year
- LotL RMM☆208Updated last week
- ☆68Updated 6 months ago
- The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.☆45Updated 2 months ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- A preconfigured Velociraptor triage collector☆52Updated last week
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆252Updated last year
- Full of public notes and Utilities☆117Updated 4 months ago
- A collection of various SIEM rules relating to malware family groups.☆66Updated last year
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆91Updated 2 weeks ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆36Updated 2 weeks ago
- Parses USB connection artifacts from offline Registry hives☆99Updated 2 weeks ago
- Takajō (鷹匠) is a Hayabusa results analyzer.☆123Updated last week
- God Mode Detection Rules☆134Updated 10 months ago
- ☆41Updated 6 months ago
- The "Monash Enterprise Access Model" (MEAM) is a model for tiering Active Directory that builds heavily on the Microsoft Enterprise Acces…☆114Updated 9 months ago