Windows EVTX Samples [200 EVTX examples]

Free

This container provides 200 Windows event samples related to specific attack and post-exploitation techniques. The samples are useful for testing detection scripts, training on DFIR and threat hunting, and designing detection use cases using Windows and Sysmon event logs. It includes a PowerShell script for parsing and replaying EVTX files with Winlogbeat.

ALTERNATIVES

Free software that calculates the security ranking of Internet Service Providers to detect malicious activities.

Python-based client for IBM XForce Exchange with an improved version available.

Threat intelligence platform providing real-time threat data and insights.

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.

SeaSponge is an accessible web-based threat modeling tool with a focus on accessibility, aesthetics, and intuitive user experience.

MaxMind provides accurate IP geolocation and online fraud detection solutions to create safer digital experiences.

A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.