clean interface for the windows event log
☆26Jun 8, 2024Updated last year
Alternatives and similar repositories for win-event-log-rs
Users that are interested in win-event-log-rs are comparing it to the libraries listed below
Sorting:
- Parsers for common structures across windows formats.☆12Aug 23, 2023Updated 2 years ago
- Queries for parsed spotlight database in sqlite☆13Dec 29, 2020Updated 5 years ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- siquery, a Rust osquery implementation to query system information☆59Oct 29, 2025Updated 4 months ago
- Tools for macOS Forensic Bootable media☆15May 20, 2020Updated 5 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained.☆12Dec 28, 2021Updated 4 years ago
- NTFS file system specimens☆13Jul 3, 2023Updated 2 years ago
- File Capability Extractor☆14Jul 12, 2025Updated 7 months ago
- A document tagging library☆33Mar 27, 2025Updated 11 months ago
- Set up a quick and dirty audit log on an SQLite db.☆16May 16, 2013Updated 12 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- ☆18Apr 16, 2022Updated 3 years ago
- Python bindings for LZFSE☆18Jul 9, 2020Updated 5 years ago
- High-level Threat Intelligence playbooks☆20Mar 6, 2021Updated 4 years ago
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- Automated threat intelligence collection with McAfee ATD, OpenDXL and MISP☆22Feb 21, 2020Updated 6 years ago
- Manage Your Large Team of Consultants☆11Sep 18, 2025Updated 5 months ago
- Scripts to extract compound bplists in the iOS -> KnowledgeC.db -> structuredmetadata table.☆27May 12, 2019Updated 6 years ago
- USN to JSON☆22Apr 4, 2020Updated 5 years ago
- ☆24Mar 12, 2025Updated 11 months ago
- Get the process name or process id on windows☆20Jun 1, 2025Updated 9 months ago
- Extension blocks as found in ShellBags and other places in the Registry☆25Jan 7, 2025Updated last year
- lnk_parser is a full rust implementation to parse windows LNK files☆23Feb 17, 2026Updated 2 weeks ago
- Repository for LNK stuff☆31Aug 31, 2022Updated 3 years ago
- Windows registry samples☆24Nov 18, 2018Updated 7 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Aug 6, 2022Updated 3 years ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 4 years ago
- Go library for ETW (Event Tracing for Windows) events processing☆73Jul 13, 2022Updated 3 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings.☆36Jun 1, 2023Updated 2 years ago
- Microsoft code signing library (and utility) for Rust☆36Nov 6, 2021Updated 4 years ago
- ☆34Jul 16, 2020Updated 5 years ago
- ☆44Sep 22, 2022Updated 3 years ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆41Oct 25, 2021Updated 4 years ago
- pollen - A command-line tool for interacting with TheHive☆36Jun 6, 2019Updated 6 years ago
- Simple example for getting started with eBPF for Windows☆50Feb 23, 2025Updated last year
- User Feedback Space of #MitreAssistant☆38May 19, 2023Updated 2 years ago
- Local OXID Resolver (LCLOR) : Research and Tooling☆37May 19, 2021Updated 4 years ago
- Get or remove RunMRU values☆61Dec 11, 2019Updated 6 years ago