Windows EVTX Samples [200 EVTX examples]
#Threat Defense #Threat Management
Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.
This container provides 200 Windows events for testing and training
This container includes 200 samples of Windows events that are associated with specific attack and post-exploitation techniques. These samples are valuable for testing detection scripts, training in Digital Forensics and Incident Response (DFIR) and threat hunting, as well as for designing detection use cases utilizing Windows and Sysmon event logs.
It includes a PowerShell script for EVTX file processing
It includes a PowerShell script designed for parsing and replaying EVTX files using Winlogbeat.