APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspi...
Cross-Platform Universal Log Viewer.
Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
A PS forensics tool for Scraping, Filtering and Exporting Windows Event Logs
Search Windows event log and output results to a text file
A Python script that parses CPER-formatted raw data contained in error event log provided by WHEA-Logger
Convert Windows Event Log .evtx files to other formats.
Python 3-based multithreaded Windows Event monitoring program
Purpose: analyze Windows Security Logs using Splunk to develop a behavioral baseline and investigate host activity patterns.
*This simulation captures core, widely observed attacker behaviors aligned with common enterprise intrusion patterns. From brute-force access to obfuscated execution, persistence, recon, and privilege...
This case study captures a classic example of attacker persistence using a built-in operating system feature: the Windows service framework. Through the lens of Event ID 7045, the attacker installed a...
Event Tracing for Windows
Detection engineering lab using Splunk, Sigma, and Windows logs — mapped to MITRE ATT&CK
Parses and imports a Windows Log File (CSV) into a Microsoft SQL Server Database.
Parses and Analyse Authentication on Windows Event Log
Observe introduction: building a SIEM with Observe.
Shows how to write entries to Windows Event Log
