Kali Linux

Winevt_logs_analysis : Searching .evtx Logs For Remote Connections

Winevt logs analysis is a simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions.

You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder.

The winevt/Logs folders and the script must have identical file path.

Execution Example

Result Example

R K

Recent Posts

Install Tomcat 9 on Ubuntu 18.04: Systemd Service Setup Guide

Apache Tomcat is an open-source Java application server that implements the Java Servlet, JavaServer Pages, and…

7 hours ago

Change Timezone on Ubuntu 18.04: Command Line and GUI Methods

Setting the correct timezone on your Ubuntu machine is more important than it sounds. Your…

7 hours ago

Install PrestaShop on Ubuntu 18.04 with Nginx and MySQL

PrestaShop is a free, open-source e-commerce platform built with PHP and MySQL. It comes with a…

8 hours ago

Set Up SSH Keys on Ubuntu 18.04: Passwordless Login Guide

SSH keys give you a more secure and convenient way to connect to remote servers. Instead…

8 hours ago

Install FFmpeg on Ubuntu 18.04: apt, Snap, and Usage Examples

FFmpeg is a free, open-source command-line tool for working with multimedia files. It can convert video…

8 hours ago

Set Up Nginx Server Blocks on Ubuntu 18.04: Host Multiple Sites

Nginx server blocks let you run more than one website on a single server. Each block…

1 day ago