"topic:evtx" — Search | GitHunt

© 2026 GitHunt · tansuasici

53 results for “topic:evtx”

sbousseaden/EVTX-ATTACK-SAMPLES

Windows Events Attack Samples

HTML2.5k430Updated 6 hours ago

datasetdetection-engineeringdfirevtxmitre-attackthreat-huntingwindows-securitywinlogbeat

mdecrevoisier/Microsoft-eventlog-mindmap

Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

1.1k181Updated 2 days ago

active-directoryazureevtxexchangeincident-responsemindmapwindows

wagga40/Zircolite

A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs

Python788112Updated 8 hours ago

auditddetectiondfirdfir-automationdfir-toolsevtxevtxtractforensicsforensics-toolslogspysigmapython3sigmasigma-rulessysmon

williballenthin/python-evtx

Pure Python parser for Windows Event Log files (.evtx)

Python765167Updated 1 week ago

event-logevtxforensics

mdecrevoisier/EVTX-to-MITRE-Attack

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases.

61297Updated 3 weeks ago

evtxmitre-attackredteamsiemthreat-hunting

EricZimmerman/evtx

C# based evtx parser with lots of extras

C#34566Updated 13 hours ago

eventeventlogevtxwindows

jurelou/epagneul

Graph Visualization for windows event logs

Python24234Updated 1 month ago

blueteamdfir-automationevtxforensicsforensics-toolshuntingsecuritysecurity-toolsthreat-hunting

NVISOsecurity/evtx-hunterArchived

evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Python15826Updated 1 month ago

csirtevtxincident-responseinfosecnetsecthreat-hunting

fox-it/danderspritz-evtx

Parse evtx files and detect use of the DanderSpritz eventlogedit module

Python15131Updated 1 month ago

danderspritzeventlogeditevtxpython

ine-labs/ThreatSeeker

ThreatSeeker: Threat Hunting via Windows Event Logs

Python12414Updated 1 month ago

evtxlog-analysissysmonthreatthreat-detectionthreat-intelligencewindows

sumeshi/evtx2es

A library for fast parse & import of Windows Eventlogs into Elasticsearch.

Python8616Updated 1 month ago

dfirelasticsearcheventlogevtxforensicsparserpythonwindows

kacos2000/Evtx_Log_Browser

Evtx Log (xml) Browser

PowerShell5611Updated 3 weeks ago

evtxguipowershellwindows-10windows11xml

AhmedKamal1432/Evilize

Triaging Windows event logs based on SANS Poster

PowerShell479Updated 1 week ago

dfireventlogseventsevtevtxincident-responsesans

ceramicskate0/SWELF

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

C#247Updated 1 month ago

analysisanalyticscybersecuritydefensedetectiondotneteventlogevtxforwarderhuntinglog-forwarderlogginglogging-agentlogging-frameworklogspowershellsiemsysmonwindowswindowsevents

logpresso/community

Logpresso Mini and community contents for incident response

181Updated 7 months ago

dfirevtxextensible-storage-enginelog-analyzermftregistry-hive-filessqlite

gustavoparedes/QuickLog

Is a portable forensic tool for analyzing Windows logs, pre-organized according to the methodology outlined in this job: https://cybersecuritynews.com/windows-event-log-analysis/, to quickly highlight key forensic artifacts.

C#153Updated 2 weeks ago

dfrevtxforensicforensic-toolslogsopensourcewindwos

Lyc4on/EvtXHunt

EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.

Python151Updated 3 months ago

autopsycybersecuritydigital-forensicsevtxindicators-of-compromisesigma

forensenellanebbia/powershell-scripts

Powershell scripts

PowerShell110Updated 3 months ago

blueteametlevent-logevtxforensicspowershell

KnightChaser/aesir

A simple System monitor(Sysmon) EVTX inspector; search, visualize, and track Sysmon events

Go71Updated 1 month ago

evtxevtx-analysisgolanglog-analysislog-parsermongodbmuxnosqlsysmonweb

martinmathurine/Windows-Event-Log-Analyser

This is a PySimpleGUI-based Python software tool for processing and visualising selected Windows Event Security.evtx log files that meet a condition in Event ID 4688.

Python61Updated 10 months ago

automationevtxevtx-analysislogloggingnetworknetworksecurityparsingpasswordproject

bogdanticu88/ApexHunter

Autonomous agentic threat hunting playbook executor for SOC/DFIR pros. Runs YAML playbooks against forensic logs with local LLMs (Ollama) for intelligent correlation, triage, ATT&CK mapping, and automated reporting. Offline-first, DuckDB-powered.

Python62Updated 23 hours ago

agentic-aiai-securityblue-teamcybersecuritydfirduckdbevtxforensicsmitre-attackollamapythonred-teamsecurity-toolssoc-automationthreat-huntingthreat-intelligence

whatabeautifulmemory/glossy

Glossy Event Log Forensics

JavaScript50Updated 2 years ago

eventlogevtxforensics

spirospolitis/evtx-convert

Convert Windows Event Log .evtx files to other formats.

Python51Updated 3 weeks ago

evtxpythonwindows-event-logwindows-event-logs

jupyterj0nes/masstin

Masstin: High-Speed DFIR Tool written in Rust and Graph Visualization in Neo4j for Comprehensive Lateral Movement Analysis

Rust30Updated 9 months ago

dfirdigital-forensic-tooldigital-forensicsdigital-forensics-incident-responseevtxlateral-movementneo4jrust

bricerenaud/import-EVTX-to-XDR

Simple Python script to convert, enrich and upload an EVTX file to Palo Alto Networks Cortex XDR using an HTTP Custom Collector.

Python31Updated 2 years ago

cortexevtxpaloaltonetworksxdr

devynspencer/elk-moose

Quickly analyze Windows event logs.

Shell30Updated 4 years ago

elasticsearchelkevtxkibanalogstashsecuritywindows

yakisyst3m/evtx2log

convertir les journaux .evtx en .log lisibles

Shell20Updated 1 year ago

troplolBE/evtx-to-elk

Program to send logfiles to ELK using winlogbeat.

Visual Basic .NET20Updated 4 years ago

elasticelkelk-stackevtxlogfile-uploadvisual-basicwinlogbeat

The Forensic Examiners Swiss Army Knife.

Go20Updated 2 days ago

carvingcefdeflatedfirelasticeventlogsevtxforensicsforensics-toolsfoxhashcathasheshuntjournalmcp-serverntdsntlmsigma-rulessplunkvirustotal

the-siegfried/py-evtx-ripper

A command line wrapper for the python-evtx library.

Python20Updated 8 months ago

cybersecurityevent-logevtxforensics

Page 1 of 2