    Repositories list

    • Windows Event Log Audit Configuration Baselines and Guidelines. Automated monitoring of audit policy settings across different security frameworks.
      Batchfile
      MIT License
      21000 Updated Apr 25, 2026
    • Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
      Python
      Other
      2821731 Updated Apr 24, 2026
    • Encoded Hayabusa and Sigma rules to avoid anti-virus false positives and reduce files stored on target systems.
      Rust
      Other
      0910 Updated Apr 24, 2026
    • WELA (Public)
      WELA (Windows Event Log Analyzer, ゑ羅) is a tool for auditing Windows event log settings. Windows event logs are a vital source of information for Digital Forens…
      PowerShell
      MIT License
      79650 Updated Apr 24, 2026
    • hayabusa (Public)
      Hayabusa (隼) is a Sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
      Rust
      GNU Affero General Public License v3.0
      2633.1k353 Updated Apr 24, 2026
    • AI analyzer for Hayabusa results.
      Python
      GNU Affero General Public License v3.0
      01600 Updated Apr 10, 2026
    • takajo (Public)
      Takajō (鷹匠) is a Hayabusa results analyzer.
      Nim
      GNU Affero General Public License v3.0
      10157170 Updated Apr 6, 2026
    • suzaku (Public)
      Suzaku (朱雀) is a Sigma-based threat hunting and fast forensics timeline generator for cloud logs.
      Rust
      GNU Affero General Public License v3.0
      917430 Updated Mar 29, 2026
    • A fork of the evtx Rust crate for Hayabusa
      Rust
      Apache License 2.0
      31341 Updated Dec 13, 2025
    • Other
      31111 Updated Dec 9, 2025
    • 22100 Updated Nov 19, 2025
    • Sample evtx files to use for testing hayabusa detection rules
      46400 Updated Nov 5, 2025
    • IT-Yokai (Public)
      Collection of IT Yōkai (妖怪) (traditional Japanese supernatural beings)
      Other
      1700 Updated Oct 31, 2025
    • Documentation and tools to curate Sigma rules for Windows event logs into easier-to-parse rules.
      Python
      GNU General Public License v3.0
      01540 Updated Oct 22, 2025
    • This repository generates rules to be used with WELA for auditing Windows event log audit settings.
      Rust
      GNU General Public License v3.0
      0500 Updated Oct 9, 2025
    • Documentation and scripts to properly enable Windows event logs.
      Batchfile
      GNU General Public License v3.0
      6669430 Updated Oct 3, 2025
    • Sample cloud logs to test with Suzaku.
      2400 Updated Sep 29, 2025
    • A fork of the Rust library for parsing and evaluating Sigma rules
      Rust
      Apache License 2.0
      8210 Updated Jul 28, 2025
    • .github (Public)
      0100 Updated Apr 21, 2025
    • WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
      PowerShell
      GNU General Public License v3.0
      7977890 Updated Feb 3, 2023
    • RustyBlue (Public archive)
      RustyBlue is a Rust implementation of DeepBlueCLI, a forensics log analyzer for finding evidence of compromise in Windows event logs.
      Rust
      MIT License
      67200 Updated Oct 13, 2022