WELA
WindowsDFIR
WELA | WindowsDFIR | |
---|---|---|
3 | 2 | |
678 | 71 | |
4.0% | - | |
0.0 | 2.6 | |
about 1 year ago | almost 3 years ago | |
PowerShell | PowerShell | |
GNU General Public License v3.0 only | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
WELA
WindowsDFIR
What are some alternatives?
hayabusa - Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Sophia-Script-for-Windows - :zap: The most powerful PowerShell module on GitHub for fine-tuning Windows 10 & Windows 11
teler - Real-time HTTP Intrusion Detection
Power-Response - Powering Up Incident Response with Power-Response
timesketch - Collaborative forensic timeline analysis
PowerArubaCX - PowerShell module to manage ArubaCX switches
PoShLog - :nut_and_bolt: PoShLog is PowerShell cross-platform logging module. It allows you to log structured event data into console, file and much more places easily. It's built upon great C# logging library Serilog - https://serilog.net/
powershell - 🧛🏻♂️ Dark theme for PowerShell and cmd.exe
chainsaw - Rapidly Search and Hunt through Windows Forensic Artefacts
Trawler - PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.
SIEM - SIEM Tactics, Techiques, and Procedures
win-cmd-escaper - A Python library to properly handle escaping of command line arguments in Windows' CMD.exe and Powershell.