EricZimmerman/evtx
C# based evtx parser with lots of extras
MIT License
282 stars, 59 forks
issues
Create TerminalServices-Gateway Maps
#141
AndrewRathbun
closed
3 years ago
0
Update Sysmon Maps
#140
AndrewRathbun
closed
3 years ago
0
Update Maps
#139
AndrewRathbun
closed
3 years ago
0
Add SMB Server 551 Map, and fix lookup tables
#138
AndrewRathbun
closed
3 years ago
0
Added Cylance Alerts for Events 1 and 2
#137
AndrewRathbun
closed
3 years ago
0
Linux support
#136
Eran-YT
closed
2 years ago
1
Create Microsoft-Windows-Sysmon-Operational_Microsoft-Windows-Sysmon_…
#135
AndrewRathbun
closed
3 years ago
0
.NET 5 support
#134
Eran-YT
closed
3 years ago
2
Nuget package
#133
Eran-YT
closed
3 years ago
1
Fix Bits Maps output and lint issues
#132
AndrewRathbun
closed
3 years ago
0
Create SMBServer-Operational:1020, update Security:5145 and 5140
#131
AndrewRathbun
closed
3 years ago
0
Create System_Application-Popup_26.map
#130
AndrewRathbun
closed
3 years ago
0
Create Microsoft-Windows-PowerShell-Operational_Microsoft-Windows-PowerShell_4103.map
#129
AndrewRathbun
closed
3 years ago
0
Add Lookup Tables to Many Security Events
#128
AndrewRathbun
closed
3 years ago
0
Create System_LsaSrv_45057.map
#127
AndrewRathbun
closed
3 years ago
0
Create System_Service-LsaSrv_40960.map
#126
AndrewRathbun
closed
3 years ago
0
Add OAlerts Maps from Phill Moore
#125
AndrewRathbun
closed
3 years ago
0
Fix regex in EventRecord class to prevent the removal of relevant data
#124
Karneades
closed
3 years ago
1
Update issue templates
#123
Karneades
closed
3 years ago
0
Fix regex in EventRecord to fix missing event data
#122
Karneades
closed
3 years ago
17
Update issue templates (s/KAPE/evtx)
#121
Karneades
closed
3 years ago
1
Add new System:7040 map
#120
AndrewRathbun
closed
3 years ago
0
New System map, updated System map
#119
AndrewRathbun
closed
3 years ago
0
'Provider' must not be empty
#118
antmar904
closed
3 years ago
3
Update Guide/Template with XPATH documentation, examples, etc
#117
AndrewRathbun
closed
3 years ago
0
Create Security_Microsoft-Windows-Security-Auditing_4674.map
#116
AndrewRathbun
closed
3 years ago
0
Create Microsoft-Windows-WER-Diag-Operational_Microsoft-Windows-WER-D…
#115
AndrewRathbun
closed
3 years ago
0
Create adPWDManager_adPWDManager_110.map
#114
AndrewRathbun
closed
3 years ago
0
Modify Firewall_2006.map output
#113
AndrewRathbun
closed
3 years ago
0
Create Microsoft-Windows-SMBServer-Audit_Microsoft-Windows-SMBServer_…
#112
AndrewRathbun
closed
3 years ago
0
Add CrowdStrike Maps
#111
AndrewRathbun
closed
3 years ago
0
Add/Update Symantec Maps
#110
AndrewRathbun
closed
3 years ago
0
New maps
#109
AndrewRathbun
closed
3 years ago
0
Update documentation/description
#108
AndrewRathbun
closed
3 years ago
0
Minor fixes
#107
AndrewRathbun
closed
3 years ago
0
Update PULL_REQUEST_TEMPLATE.md
#106
AndrewRathbun
closed
3 years ago
0
YAML fixes
#105
AndrewRathbun
closed
3 years ago
0
Update YAML
#104
AndrewRathbun
closed
3 years ago
0
Update Security_Microsoft-Windows-Security-Auditing_5156.map
#103
AndrewRathbun
closed
3 years ago
0
Update mapping on various Maps for better readability during analysis
#102
AndrewRathbun
closed
3 years ago
0
Create Microsoft-Windows-Ntfs-Operational_Ntfs_55.map
#101
hyuunnn
closed
3 years ago
0
Create Microsoft-Windows-Ntfs-Operational_Microsoft-Windows-Ntfs_151.map
#100
AndrewRathbun
closed
3 years ago
0
Integer as string
#99
forensenellanebbia
opened
3 years ago
3
Integer instead of string
#98
forensenellanebbia
closed
3 years ago
2
ID 6416 Audit PNP Activity
#97
forensenellanebbia
closed
3 years ago
1
Fix Filenames
#96
AndrewRathbun
closed
3 years ago
0
Fix Filenames
#95
AndrewRathbun
closed
3 years ago
0
Update maps
#94
AndrewRathbun
closed
3 years ago
0
Fix Map Descriptions
#93
AndrewRathbun
closed
3 years ago
0
Update Sysmon Documentation
#92
AndrewRathbun
closed
3 years ago
0