A simplified EVTX file parser wrapping 0xrawsec's golang-evtx module
Updated Feb 27, 2024 - Go
A command-line simulator for System Monitor (Sysmon) testing, rewritten in Golang
Incident Response Script Grabs logs
A simple System Monitor (Sysmon) EVTX inspector; search, visualize, and track Sysmon events
Proof-of-concept intrusion mitigation tool written in Go for Windows. (Sysmon event logs and Sigma .yml signature rules)