This repository provides a JSON file covering all Windows security Event IDs, with a lot of useful information (Categories, GPO, Volume, Recommendations).
☆11Mar 2, 2023Updated 3 years ago
Alternatives and similar repositories for Windows-Security-Event-ID-Helper
Users that are interested in Windows-Security-Event-ID-Helper are comparing it to the libraries listed below.
- Hardening script for Windows (Domain mode or without domain)☆16Sep 18, 2025Updated 6 months ago
- ☆15May 8, 2023Updated 2 years ago
- ☆15Sep 24, 2024Updated last year
- Slides from various conference talks☆37May 30, 2023Updated 2 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Aug 19, 2025Updated 7 months ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆66Jan 13, 2026Updated 2 months ago
- A Python-based tool for analyzing Active Directory security posture by processing LDAP dumps, NTDS.dit extracts, and password cracking re…☆27May 6, 2025Updated 10 months ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 4 months ago
- Backup and Recreate Microsoft Teams☆21Dec 8, 2019Updated 6 years ago
- ☆15May 27, 2019Updated 6 years ago
- Parse Chrome History and Downloads into TSV or TLN format☆16Sep 3, 2016Updated 9 years ago
- ☆41Apr 5, 2025Updated 11 months ago
- A dedicated repo to interact with the API of Timesketch☆12Sep 17, 2021Updated 4 years ago
- Bunch of nice uncategorized Powershell scripts☆27Mar 14, 2025Updated last year
- POC for CVE-2024-3183 (FreeIPA Rosting)☆27Aug 20, 2024Updated last year
- The home of the BriMor Labs rdpieces Perl script that tries to rebuild parsed RDP Bitmap Cache images☆89Aug 29, 2023Updated 2 years ago
- Parses for Google Analytic values in raw files like RAM, DD images etc.☆18Apr 17, 2016Updated 9 years ago
- Golang based web service to scan files with yara rules☆25Jul 6, 2017Updated 8 years ago
- A running list of Windows sources and the related event ids.☆19Aug 2, 2023Updated 2 years ago
- Proxll is a tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h☆41Oct 8, 2024Updated last year
- egrets monitors egress☆47Apr 12, 2020Updated 5 years ago
- Search Outlook's PST files for a specific search term☆16Oct 2, 2023Updated 2 years ago
- Forked from git://git.dollyfish.net.nz/mutt-filters - which seems to have disappeared☆17Feb 22, 2022Updated 4 years ago
- Parse SDDL strings☆37Apr 1, 2024Updated last year
- ☆17Sep 3, 2015Updated 10 years ago
- Registry Explorer bookmark definitions☆44Dec 19, 2024Updated last year
- Template☆18Sep 3, 2024Updated last year
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db.☆44Jul 18, 2022Updated 3 years ago
- Azure Function App to serve as middleware for a logon script solution for cloud managed devices.☆15Apr 25, 2023Updated 2 years ago
- A tool to create randomly insecure file shares that also contain unsecured credential files☆49Feb 16, 2026Updated last month
- Validates Sigma rules using the JSON schema☆22Mar 18, 2024Updated 2 years ago
- Azure Offensive Library☆17Oct 18, 2025Updated 5 months ago
- vSphere metrics plugin for collectd☆11Feb 12, 2019Updated 7 years ago
- A repo of useful things for PT MaxPatrol SIEM☆24Sep 18, 2023Updated 2 years ago
- ☆12Oct 15, 2024Updated last year
- Falcon signature and its ZKP extensions☆23Jul 5, 2022Updated 3 years ago
- Stream Downloader is a tool for downloading media resources (video, audio, images, etc.) from the network.☆25Oct 6, 2021Updated 4 years ago
- Extension for eXtraction and Processing (XP) language in Visual Studio Code☆48Oct 20, 2025Updated 5 months ago