userline
Log analyzer
Automates analysis of Windows Security Events to identify user logon relations
Query and report user logons relations from MS Windows Security Events
240 stars
28 watching
32 forks
Language: Python
last commit: over 6 years ago
Topics: blackhat, csv, dfir, docker, dockerfile, elasticsearch, evtx-analisys, forensics, gephi, graph, login, logon-relations, neo4j, plaso, python, windows-eventlog
Related projects:
Repository | Description | Stars |
---|---|---|
nshalabi/sysmontools | Utilities for analyzing and visualizing Windows event logs from Sysmon, helping users track and monitor system activity. | 1,488 |
reed1713/elat | A toolset for analyzing Windows event logs to detect and analyze malware | 29 |
airbus-cert/timeliner | A tool for filtering and analyzing Windows event logs based on complex time-based conditions | 36 |
yamato-security/wela | Analyzes Windows Event Logs to identify security-related events and provides forensic tools for incident response. | 763 |
jpcertcc/sysmonsearch | Analyzes Sysmon event logs to detect suspicious activity and visualize process and network correlations. | 417 |
cgosec/blauhaunt | A tool collection for analyzing and visualizing logon events to help answer security-related questions | 161 |
wagga40/zircolite | A standalone tool for analyzing and detecting security-related events in various Linux logs using SIGMA rules | 680 |
sans-blue-team/deepbluecli | A PowerShell module for analyzing Windows event logs to detect and respond to potential security threats. | 2,190 |
dogoncouch/logesp | A security-focused application built with Python Django to manage and analyze log data from various sources. | 197 |
illusivenetworks-labs/historicprocesstree | Analyzes Windows event log data to visualize historic process execution evidence in a tree view. | 59 |
jmscslgroup/strym | A real-time CAN data logging and visualization tool that interfaces with USB-CAN Interface using Python | 27 |
carina-studio/ulogviewer | A tool for analyzing and visualizing log data from various sources | 409 |
securityjoes/forensicminer | Automates evidence collection and analysis from Windows machines using PowerShell. | 148 |
dogoncouch/logdissect | Analyzes log files and other data from various sources and formats. | 148 |
williballenthin/python-evtx | A Python module for parsing Windows Event Log files (.evtx) into structured data | 732 |