APT-Hunter is a threat hunting tool for Windows event logs, built with a purple-team mindset to detect APT movements hidden in the sea of Windows event logs and to reduce the time needed to uncover suspicious activity.
Cross-Platform Universal Log Viewer.
Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
Open source HIDS tailored for Microsoft Windows and Active Directory
A PS forensics tool for Scraping, Filtering and Exporting Windows Event Logs
Convert Windows Event Log .evtx files to other formats.
Search Windows event log and output results to a text file
A Python script that parses CPER-formatted raw data contained in error event log provided by WHEA-Logger
Python 3-based multithreaded Windows Event monitoring program
Windows Event Log forensic timeline and incident response analysis tool (EVTX triage)
Client-side Windows event log forensics — Sigma rule matching, PowerShell decode, ransomware chain correlation, credential access detection, and process lineage reconstruction. No backend required.
Splunk SPL reference and detection query library for SOC analysts — brute force, lateral movement, persistence, and threat hunting queries ready to use.
End-to-end SOC detection lab built on Splunk Enterprise - simulating a multi-stage attack across Kali, Windows 10, and Ubuntu, with SPL detection queries, a 4-panel dashboard, and formal incident report mapped to MITRE ATT&CK.
Console Windows event log viewer
End-to-end phishing simulation and SOC investigation lab - deploying GoPhish credential harvesting infrastructure and detecting execution via Windows EventID 4688 parent-child process analysis in Splunk.
Event Tracing for Windows
Menu-based scanner for Hayabusa intended for scanning mounted images and folders with EVTX files.
Parses and analyses authentication events in Windows event logs.
Parses and imports a Windows Log File (CSV) into a Microsoft SQL Server Database.
End-to-end attack detection lab using Wazuh SIEM, Sysmon, and Windows event log analysis with MITRE ATT&CK mapping.