Kali Linux

Winevt_logs_analysis : Searching .evtx Logs For Remote Connections

Winevt logs analysis is a simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions.

You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder.

The winevt/Logs folders and the script must have identical file path.

Execution Example

Result Example

R K

Recent Posts

Install Drupal on Ubuntu 18.04 with Composer, Nginx, and PHP

Drupal is one of the most widely used open-source CMS platforms in the world. Written in…

7 hours ago

Set Up an FTP Server on Ubuntu 18.04 with vsftpd and SSL

FTP (File Transfer Protocol) is a standard network protocol for transferring files between a local client…

7 hours ago

Create Python Virtual Environments on Ubuntu 18.04: venv Guide

A Python virtual environment is a self-contained directory that holds an isolated Python installation and its own…

7 hours ago

Install Slack on Ubuntu 18.04: Deb Package Install Guide

Slack is one of the most popular collaboration platforms in the world. Teams use it to…

7 hours ago

Change Hostname on Ubuntu 18.04: hostnamectl and /etc/hosts Guide

The hostname is the label that identifies a machine on a network. It appears in your terminal…

7 hours ago

Install and Configure Redis on Ubuntu 18.04: Remote Access Guide

Redis is an open-source, in-memory data structure store used as a database, cache, and message broker.…

1 day ago