Kali Linux

Winevt_logs_analysis : Searching .evtx Logs For Remote Connections

Winevt logs analysis is a simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions.

You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder.

The winevt/Logs folders and the script must have identical file path.

Execution Example

Result Example

R K

Recent Posts

Enable SSH on Ubuntu 18.04: Install, Connect, and Manage

SSH (Secure Shell) is a cryptographic network protocol that creates a secure, encrypted connection between your…

7 hours ago

Install Node.js and npm on Ubuntu 18.04: Three Methods Compared

Node.js is an open-source, cross-platform JavaScript runtime that lets you run JavaScript on the server side,…

7 hours ago

Set DNS Nameservers on Ubuntu 18.04: Desktop and Server Guide

DNS (Domain Name System) is what translates domain names into IP addresses. When you type a…

7 hours ago

Install Docker on Ubuntu 18.04: Setup, Images, and Containers

Docker is a containerization platform that lets you package applications and their dependencies into lightweight, portable…

8 hours ago

Install Yarn on Ubuntu 18.04: APT Setup and Essential Commands

Yarn is a fast, reliable JavaScript package manager that works alongside npm. It was built to fix…

8 hours ago

Install Webmin on Ubuntu 18.04: Web Control Panel Setup Guide

Webmin is an open-source, browser-based control panel for Linux server administration. Instead of managing your server…

1 day ago