Simple PowerShell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline.
☆32 · Oct 13, 2018 · Updated 7 years ago
Alternatives and similar repositories for WindowsEventsToCSVTimeline
Users that are interested in WindowsEventsToCSVTimeline are comparing it to the libraries listed below
- Triaging Windows event logs based on SANS Poster ☆48 · Nov 22, 2025 · Updated 3 months ago
- Audit PowerShell and search from known keywords in history #Blueteam ☆25 · Apr 22, 2020 · Updated 5 years ago
- An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree… ☆60 · Jan 30, 2018 · Updated 8 years ago
- Automate Windows Defender STIG to 100% Compliance ☆19 · Jul 26, 2024 · Updated last year
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows. ☆14 · Aug 22, 2020 · Updated 5 years ago
- A utility to parse and analyze Windows Event Log files for recurrent failure patterns ☆19 · Jun 5, 2025 · Updated 9 months ago
- List of PowerShell commands and commandlets that should be in your PowerShell watchlist ☆39 · Jul 22, 2021 · Updated 4 years ago
- Edited version of Lee Christensen's Get-NetworkConnection which includes timestamp for each network connection ☆36 · Mar 14, 2018 · Updated 8 years ago
- Proof of concept to see if more modern HTML reports can be made with PowerShell ☆12 · Oct 10, 2021 · Updated 4 years ago
- Collection of Windows Scripts and Automation to make management and MSP life easier ☆18 · Mar 15, 2026 · Updated last week
- Accompanying PowerShell Modules for DevSec Defense Presentation ☆30 · Apr 15, 2018 · Updated 7 years ago
- A set of Bash scripts that allows you to repeatably collect and compare baseline audit data from Linux and Windows systems ☆20 · Oct 19, 2013 · Updated 12 years ago
- Files from my Storm Center Articles ☆17 · Jan 17, 2024 · Updated 2 years ago
- Yara rules written by me, for free use. ☆20 · Nov 26, 2021 · Updated 4 years ago
- Script to enable DNS Debug Logging across Domain Controllers in a Forest and then retrieve for analysis ☆14 · May 27, 2016 · Updated 9 years ago
- AppLocker hardening policies ☆26 · Jul 26, 2018 · Updated 7 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data ☆39 · Mar 23, 2020 · Updated 5 years ago
- Miscellaneous Scripts ☆17 · Sep 11, 2020 · Updated 5 years ago
- Deploy (WPF + runspaces) GUI to execute any script or distribute files to remote computers ☆13 · Sep 25, 2024 · Updated last year
- Zac's assorted config files ☆10 · Jan 11, 2017 · Updated 9 years ago
- ☆13 · Nov 8, 2017 · Updated 8 years ago
- .NET attributes cleaner/Junk remover (nops). Credits to Prab + Illuzion. ☆21 · May 12, 2022 · Updated 3 years ago
- Simple CLI utility to save off an image from every webcam hooked into a mac ☆14 · May 20, 2021 · Updated 4 years ago
- ConfigMgr LogFiler Opener automates the usage of CMTrace, CMLogViewer and OneTrace for opening single or multiple ConfigMgr Client Logfil… ☆13 · May 22, 2023 · Updated 2 years ago
- PowerShell script to automate Windows 10 feature updates, powered by MSPGeek ☆17 · Mar 17, 2021 · Updated 5 years ago
- Fast incident overview ☆41 · Feb 11, 2017 · Updated 9 years ago
- Loads a program into a memfd and runs it. ☆11 · May 22, 2022 · Updated 3 years ago
- Automating forensic data extraction, reduction, and overall triage of cold disk and memory images. ☆21 · Mar 12, 2019 · Updated 7 years ago
- CAPE Auto-Hardened Installer ☆26 · Jan 28, 2026 · Updated last month
- Invoke-LiveResponse ☆150 · Feb 22, 2022 · Updated 4 years ago
- PoC of injecting code into a running Linux process ☆23 · Sep 11, 2019 · Updated 6 years ago
- This script creates a webpage to show SCCM OSD Reporting ☆18 · Jan 17, 2025 · Updated last year
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE… ☆38 · May 28, 2025 · Updated 9 months ago
- ☆77 · Jun 25, 2019 · Updated 6 years ago
- Various DFIR Tools ☆27 · Jul 23, 2018 · Updated 7 years ago
- JXA script based on research by Jeff Johnson on leveraging TextEdit to remove quarantine attributes on files. Jeff's original research is… ☆17 · Jan 31, 2021 · Updated 5 years ago
- ☆14 · Nov 12, 2021 · Updated 4 years ago
- A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist… ☆34 · Apr 15, 2021 · Updated 4 years ago
- This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense ☆34 · Updated this week