all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Winevt_Logs_Analysis - Searching .Evtx Logs For Remote Connections

Add to bookmarks
Feb. 5, 2023, 11:30 a.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions.

You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder.


The winevt/Logs folders and the script must have identical file path.

Execution Example

Result Example



Download Winevt_Logs_Analysis

connections download evtx files folder folders install ips logins logs machine path pip public requirements result script sessions simple txt windows work

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The … 5 hours ago | www.kitploit.com
c2-cloud command & control hacking tool offensive security +4
OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log … 1 day, 5 hours ago | www.kitploit.com
attack detection lfi detection oste-web-log-analyzer rfi detection +1
ThievingFox - Remotely Retrieving Credentials From Password Managers And Windows Utilities 2 days, 5 hours ago | www.kitploit.com
ntlm post-exploitation powershell python +7
Galah - An LLM-powered Web Honeypot Using The OpenAI API 3 days, 5 hours ago | www.kitploit.com
galah golang llm openai api +3
CrimsonEDR - Simulate The Behavior Of AV/EDR For Malware Development Training 4 days, 5 hours ago | www.kitploit.com
amsi antivirus crimsonedr dll +5
Url-Status-Checker - Tool For Swiftly Checking The Status Of URLs 5 days ago | www.kitploit.com
bugbountyautomation bugbounty tools httpx infosys +2
CSAF - Cyber Security Awareness Framework 6 days, 5 hours ago | www.kitploit.com
csaf cybersecurity awareness linux socks5 +2
Espionage - A Linux Packet Sniffing Suite For Automated MiTM Attacks 1 week ago | www.kitploit.com
arp-spoofing cybersecurity networking packet capture +5
HackerInfo - Infromations Web Application Security 1 week, 1 day ago | www.kitploit.com
hackerinfo python python3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Principal Business Value Consultant

@ Palo Alto Networks | Chicago, IL, United States
View on infosec-jobs.com

Cybersecurity Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Penetration Testing Engineer- Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com

Internal Audit- Compliance & Legal Audit-Dallas-Associate

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com

Threat Responder

@ Deepwatch | Remote
View on infosec-jobs.com
View more jobs