Windows EVTX Samples [200 EVTX examples] Logo

Windows EVTX Samples [200 EVTX examples]

0
Free
Visit Website

This container provides 200 Windows events samples related to specific attack and post-exploitation techniques, useful for testing detection scripts, training on DFIR and threat hunting, and designing detection use cases using Windows and Sysmon event logs. It includes a PowerShell script for parsing and replaying EVTX files with Winlogbeat.

FEATURES

ALTERNATIVES

A daily updated summary of security advisories from various sources

A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.

MaxMind provides accurate IP geolocation and online fraud detection solutions to create safer digital experiences.

Repository for detection content with various types of rules and payloads.

A library of Amazon S3 attack scenarios with mitigation strategies.

Curated datasets for developing and testing detections in SIEM installations.

A tool designed to extract additional value from enterprise-wide AppCompat / AmCache data

RedEye is a visual analytic tool for enhancing Red and Blue Team operations.