evtx2json | habu
---|---
1 | 1
48 | 858
- | -
10.0 | 0.0
about 2 years ago | 6 months ago
Python | Python
Apache License 2.0 | BSD 3-clause "New" or "Revised" License
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
evtx2json
-
How to analyze old Windows Event Logs to find IOAs or IOCs?
Almost all SIEMs allow the import/replay of dated logs. Some native, some with the help of tools like https://github.com/vavarachen/evtx2json. For a threat-hunting env, have a look at HELK and SOF-ELK.
habu
-
Awesome Penetration Testing
Habu - Python utility implementing a variety of network attacks, such as ARP poisoning, DHCP starvation, and more.
What are some alternatives?
qasa - Query your devices and systems for useful data (SNMP, HTTP etc), and send the results onwards... perhaps remote syslog server, OpenSearch, Splunk or even... It really doesn't care!
PwnLnX - An advanced multi-threaded, multi-client Python reverse shell for hacking Linux systems. There's still more work to do, so feel free to help out with the development. Disclaimer: This reverse shell should only be used in the lawful, remote administration of authorized systems. Accessing a computer network without authorization or permission is illegal.
TorBot - Dark Web OSINT Tool
msdat - MSDAT: Microsoft SQL Database Attacking Tool
ufw-stats - ufw-stats: Show ufw actions since boot, with ip address information from RIPE database.
Network-Pen-Test-Tools - Handy Python Network Tools to use during penetration test engagements.
OmegaPSToolkit - Totally in development! A toolkit that brings together penetration testing tools such as wireless tools, web tools, password cracking tools, etc.
faraday_plugins - Security tools report parsers for Faradaysec.com
THC-Archive - All releases of the security research group (a.k.a. hackers) The Hacker's Choice
CloudPeler - CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF. With this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing and analyzing websites with the same server.
RedTeam-Tools - Tools and Techniques for Red Team / Penetration Testing
envizon - network visualization & pentest reporting