This repository provides a JSON file for all Windows security Event IDs with a lot of useful information (Categories, GPO, Volume, Recommendations).
☆11Mar 2, 2023Updated 3 years ago
Alternatives and similar repositories for Windows-Security-Event-ID-Helper
Users that are interested in Windows-Security-Event-ID-Helper are comparing it to the libraries listed below
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Aug 19, 2025Updated 6 months ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 3 months ago
- Azure Function App to serve as middleware for a logon script solution for cloud managed devices.☆15Apr 25, 2023Updated 2 years ago
- Slides from various conference talks☆37May 30, 2023Updated 2 years ago
- ☆41Apr 5, 2025Updated 10 months ago
- Continuous kerberoast monitor☆45Aug 24, 2023Updated 2 years ago
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago
- Personal notes and lab results pertaining to the text "Practical Malware Analysis" by Michael Sikorski and Andrew Honig.☆12Oct 28, 2017Updated 8 years ago
- This training covers a very basic step of malware analysis, using several free tools to recognize malware behavior. Si…☆12May 25, 2016Updated 9 years ago
- MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions.☆12Feb 27, 2023Updated 3 years ago
- Manage Jira assets in your code or CLI☆13Feb 17, 2026Updated 2 weeks ago
- GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example.☆14Jan 28, 2023Updated 3 years ago
- Elastic Ingest Documentation☆14Updated this week
- OSINT=*, Chrome extension that searches all the threat feeds☆11Dec 5, 2021Updated 4 years ago
- A tool to create randomly insecure file shares that also contain unsecured credential files☆49Feb 16, 2026Updated 2 weeks ago
- Registry Explorer bookmark definitions☆44Dec 19, 2024Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆43Jul 18, 2022Updated 3 years ago
- Digital Forensics and Incident Response notes and Autopsy tool walkthrough☆11Feb 3, 2022Updated 4 years ago
- ☆11Dec 13, 2021Updated 4 years ago
- This sample is a demonstration of what a Microsoft Graph service on IFTTT could look like. The purpose is to spark exploration by third p…☆14May 23, 2024Updated last year
- vSphere metrics plugin for collectd☆11Feb 12, 2019Updated 7 years ago
- Infrastructure-as-Code in Reverse☆11Oct 2, 2019Updated 6 years ago
- Netbox plugin that accepts and processes incoming webhooks☆15Oct 1, 2024Updated last year
- Dynamically configure Juniper network devices using metadata from Netbox. Mirror of https://gerrit.wikimedia.org/g/operations/software/ho…☆14Jan 12, 2026Updated last month
- CI/CD repository template to automate deployments of your production flows☆14Jul 1, 2024Updated last year
- Threat Hunting Malware Infrastructure☆11Dec 3, 2023Updated 2 years ago
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequency, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- Source files found after a recent hack of one of my machines, showing how the infection spreads itself and what it does, useful for analy…☆13May 4, 2020Updated 5 years ago
- Ansible Modules to manage Citrix Netscaler devices☆12Dec 20, 2018Updated 7 years ago
- Node CLI tool to import a CSV into ClearPass via the RESTful API☆13Feb 11, 2026Updated 3 weeks ago
- Function ID for Malware Analysis☆13Jul 6, 2020Updated 5 years ago
- EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.☆15Nov 7, 2021Updated 4 years ago
- Benchmark Generator to create skeleton Ansible content from baseline XCCDF files.☆10Sep 10, 2020Updated 5 years ago
- Azure Offensive Library☆17Oct 18, 2025Updated 4 months ago
- Postman collections for Redfish requests against HPE servers☆13Apr 18, 2021Updated 4 years ago
- Hardening script for Windows (Domain mode or without domain)☆16Sep 18, 2025Updated 5 months ago
- [WIP] Adds physical storage device support to Netbox, primarily intended for SAS/SATA/NVMe type devices.☆12Mar 11, 2024Updated last year
- Small wiki for Mobile Application Penetration Testing Tools☆12Apr 8, 2021Updated 4 years ago