1356 Open source projects that are alternatives of or similar to WELA

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

SIEM Tactics, Techiques, and Procedures

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Collaborative forensic timeline analysis

🔩 PoShLog is PowerShell cross-platform logging module. It allows you to log structured event data into console, file and much more places easily. It's built upon great C# logging library Serilog - https://serilog.net/

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Cortex: a Powerful Observable Analysis and Active Response Engine

System Management RAM analysis tool

Timeline of Active Directory changes with replication metadata

Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at https://github.com/ceramicskate0/SWELF/releases/latest.

Real-time HTTP Intrusion Detection

Invoke-LiveResponse

Event Trace Log file parser in pure Python

Python script to decode common encoded PowerShell scripts

Trace ScriptBlock execution for powershell v2

Query and report user logons relations from MS Windows Security Events

A list of free and open forensics analysis tools and other resources

PowerShell module for Office 365 and Azure log collection

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

YEDDA: A Lightweight Collaborative Text Span Annotation Tool. Code for ACL 2018 Best Demo Paper Nomination.

Cross-Platform Universal Log Viewer.

Super timeline all the things

pastaʃ'ʃ = Spaghetti I/O Event Data Processing, Interpolation, Correlation and beyond 🍝

Very basic CLI SIEM (Security Information and Event Management system).

An n:m message multiplexer written in Go

A high-performant Logging Foundation for Go Applications. X3 faster than the rest leveled loggers.

📱 A simple & efficient iOS logging framework for high usage apps

Automagically extract forensic timeline from volatile memory dump

Everything related to Linux Forensics

Educational, CTF-styled labs for individuals interested in Memory Forensics

Edited version of Lee Christensen's Get-NetworkConnection which includes timestamp for each network connection

Pipe arbitrary data rows (logs, events, cdrs, esl, etc) to HEP Server (HOMER)

Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data)

Web browser forensics for Google Chrome/Chromium

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

Provides various Windows Server Active Directory (AD) security-focused reports.

RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.

Android client for LogDNA

An Incident Response tool to extract console command history and screen output buffer

Python 3 Script to parse out iTunes backups

🦒 Beautiful Logger for Node.js: the best alternative to the console.log statement

Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR) teams quickly identify suspicious hosts on which to focus their response.

Windows Event Interactions in Python

This is a Smart Game Foundation (Not Framework)

Live system forensic collector

This is a Platform that collects all the data accuring in your Application and shows the data in real time by using Kibana or other tools.

Minimalistic DNS logging tool

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Open Source SIEM (Security Information and Event Management system).

This toolkit aims to help forensicators perform different kinds of acquisitions on iOS devices

Carve file metadata from NTFS index ($I30) attributes

Log Viewer - Home Assistant Community Add-ons

Retrieve useful information from apache/nginx access logs to help troubleshoot traffic related problems

Cross-platform html/io [L]ogger with simple API.

swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches for Linux user credentials, web forms credentials, web forms emails, http basic authentication, Wifi SSID and keys, etc.

Automation and Scaling of Digital Forensics Tools

A Serverless plugin to transport logs to ElasticSearch

UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.

CDIR (Cyber Defense Institute Incident Response) Collector - live collection tool based on oss tool/library

Volatility Explorer Suit