evtx-hunter
netsec-goggle
evtx-hunter | netsec-goggle | |
---|---|---|
2 | 2 | |
137 | 66 | |
0.0% | - | |
0.0 | 1.5 | |
over 2 years ago | about 1 year ago | |
Python | Shell | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
evtx-hunter
netsec-goggle
What are some alternatives?
beagle - Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
zombie-system-demo - A simple setup that demonstrates concept of zombie computer and using it for dos.
EVTX-to-MITRE-Attack - Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.
Cameradar - Cameradar hacks its way into RTSP videosurveillance cameras
APT-Hunter - APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity
SRX-security-zone-sessions - This Ansible example will show how to retrieve the security session count by zone.
IntelOwl - IntelOwl: manage your Threat Intelligence at scale
Watcher - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Microsoft-eventlog-mindmap - Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
python-evtx - Pure Python parser for Windows Event Log files (.evtx)
intelmq - IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.