Finds event logs between two time points. Useful for helpdesk/support/malware analysis. (by BeanBagKing)


Basic EventFinder2 repo stats
about 2 years ago

BeanBagKing/EventFinder2 is an open source project licensed under the GNU General Public License v3.0 only, which is an OSI-approved license.

EventFinder2 Alternatives

Similar projects and alternatives to EventFinder2

  • GitHub repo sysmon-config

    Sysmon configuration file template with default high-quality event tracing

NOTE: The number of mentions on this list counts mentions in posts shared with EventFinder2. Hence, a higher number means a better EventFinder2 alternative or higher similarity.


Posts where EventFinder2 has been mentioned. We have used some of these posts to build our list of alternatives and similar projects - the last one was on 2021-02-24.
  • Help required in order to investigate
    You might want to start by using something to build a timeline around the hour that you have to look at. You can use this to extract ALL evtx logs from that timeframe and put them in temporal order. If you aren't used to digging through these though, you're going to find a lot of things that look suspicious, but aren't. You'll have to do some baselining for what is in your environment. https://github.com/BeanBagKing/EventFinder2