Kali Linux

Winevt_logs_analysis : Searching .evtx Logs For Remote Connections

Winevt logs analysis is a simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions.

You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder.

The winevt/Logs folders and the script must have identical file path.

Execution Example

Result Example

Click Here To Download
R K

Leave a Comment
Share
Published by
R K
Tags: remote connectionswindowsWinevt_logs_analysis
3 years ago

Recent Posts

Install Apache on Ubuntu 20.04: Setup and Virtual Host Guide

Apache is one of the most widely used open-source web servers in the world. It is…

6 hours ago

Add Swap Space on Ubuntu 20.04: Create, Enable, and Tune

Swap space is an area on disk that Linux uses when it runs out of physical…

6 hours ago

Install Zoom on Ubuntu 20.04: Download, Setup, and Remove

Zoom is one of the most widely used video conferencing platforms. Zoom works on Windows, macOS,…

6 hours ago

Install Webmin on Ubuntu 20.04: Complete Setup and Login Guide

Webmin is an open-source web-based control panel for Linux servers. It gives you a browser interface…

6 hours ago

Install MariaDB on Ubuntu 20.04: Setup and Admin Access

MariaDB is an open-source relational database management system. It was created by the original MySQL developers…

6 hours ago

Best OSINT Tools for Investigating Corruption 2026: Public Records and Link Analysis

Corruption investigations need accuracy, patience, and strong evidence. In 2026, OSINT tools can help researchers,…

6 hours ago