APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

Convert Windows Event Log .evtx files to other formats.

A Python script that parses CPER-formatted raw data contained in error event log provided by WHEA-Logger

Python 3-based multithreaded Windows Event monitoring program

Menu-based scanner for Hayabusa intended for scanning mounted images and folders with EVTX files.

Herramientas en Python para convertir logs de **Windows Event Logs (.evtx)** a **JSON**, pensadas para análisis forense, threat hunting, detección y procesamiento automatizado de eventos.

Python tool that monitors Windows Security Event Log for brute force activity (Event ID 4625), generates formatted reports, and sends automated Gmail alerts — runs daily via Task Scheduler.

CLI tool that ingests log files, clusters similar events by signature, and ranks the top production issues by frequency and severity. Supports Windows Event Log, syslog, JSON-lines, and plain text.

A Python toolkit for first-level SOC triage: failed login detection, IOC matching, Nmap exposure parsing, IAM risk triage, JSON findings, Markdown reports, and automated tests.

Python-based SOC simulation tool for Windows Security log analysis, threat detection, incident correlation, ticketing, MITRE ATT&CK mapping, and SOC reporting.

Python-based Windows Event Log analyzer for detecting suspicious authentication, privilege, account, and process activity.