Alternatives and similar repositories for evtx2json:

Users that are interested in evtx2json are comparing it to the libraries listed below

• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• sumeshi / evtx2es
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆85Updated 7 months ago
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆58Updated 2 years ago
• mitre-attack / evals_caldera
  A CALDERA plugin for ATT&CK Evaluations Round 1
  ☆33Updated last year
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆129Updated 3 years ago
• agreenjay / sysmon
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Updated 4 years ago
• sbousseaden / YaraHunts
  Random hunting ordiented yara rules
  ☆95Updated last year
• NVISOsecurity / nviso-cti
  ☆41Updated 10 months ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated last year
• timfrazier1 / AdversarySimulation
  Compilation of resources to help with Adversary Simulation automation harness
  ☆99Updated 4 years ago
• Neo23x0 / panopticon
  A YARA Rule Performance Measurement Tool
  ☆58Updated 11 months ago
• 3CORESec / S2AN
  S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
  ☆85Updated 2 years ago
• olafhartong / Presentations
  My conference presentations
  ☆66Updated last year
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆90Updated 3 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆42Updated 4 years ago
• advanced-threat-research / IOCs
  Repository containing IOCs, CSV and MISP JSON from our blogs
  ☆79Updated 3 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆107Updated 6 years ago
• TravisFSmith / mitre_attack
  ☆78Updated 4 years ago
• fireeye / HXTool
  HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic…
  ☆79Updated 7 months ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 3 years ago
• ashwin-patil / threat-hunting-with-notebooks
  Repository with Sample threat hunting notebooks on Security Event Log Data Sources
  ☆61Updated 2 years ago
• Beercow / SEPparser
  Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database.
  ☆64Updated 2 years ago
• 3CORESec / Automata
  Automatic detection engineering technical state compliance
  ☆54Updated 7 months ago
• Neo23x0 / sysmon-version-history
  An Inofficial Sysmon Version History (Change Log)
  ☆32Updated 4 years ago
• 0xThiebaut / sigmai
  Import specific data sources into the Sigma generic and open signature format.
  ☆77Updated 2 years ago
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆31Updated 4 years ago
• 0xAnalyst / CB-Threat-Hunting
  ☆116Updated last year
• OTRF / API-To-Event
  A repo to document API functions mapped to security events across diverse platforms
  ☆75Updated 5 years ago
• siriussecurity / mitre-attack-mapping
  Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.
  ☆57Updated 4 years ago
• olafhartong / detection-sources
  ☆53Updated 5 years ago