williballenthin / python-evtLinks
Pure Python parser for classic Windows Event Log files (.evt)
☆50Updated last year
Alternatives and similar repositories for python-evt
Users that are interested in python-evt are comparing it to the libraries listed below
Sorting:
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Updated 4 years ago
- Python OpenIOC Editor☆18Updated 9 years ago
- ☆27Updated 7 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆48Updated 8 years ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Malware/IOC ingestion and processing engine☆105Updated 6 years ago
- general purpose and malware specific analysis tools☆102Updated 9 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 6 years ago
- ☆19Updated 6 years ago
- Incident Response Scripts☆30Updated 5 years ago
- Volatility Plugins☆21Updated 10 years ago
- A short and small memory forensics helper.☆52Updated 7 years ago
- ☆68Updated 7 years ago
- Some IR notes☆73Updated 8 years ago
- ☆16Updated 10 years ago
- Web based Manager for Yara Rules☆58Updated 5 years ago
- Handy scripts to speed up malware analysis☆35Updated last year
- A map displaying threat actors from the misp-galaxy☆33Updated 2 years ago
- PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts☆56Updated 4 years ago
- Python IOC Editor☆63Updated 10 years ago
- A dumb set of scripts for building a cuckoo rig☆61Updated 8 years ago
- Telsy CTI Research Team☆57Updated 4 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆86Updated 7 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files)☆108Updated 4 years ago
- Credential Phish Analysis and Automation☆97Updated 6 years ago
- Listen for usb devices and automatically submit all files on device to cuckoo☆13Updated 8 years ago
- ☆82Updated 8 years ago