Advanced Windows Event Log threat hunter in pure PowerShell — Sigma-subset detection, correlation engine, per-entity risk scoring, self-contained HTML reports. Zero dependencies, air-gap ready.

log-analysis powershell incident-response dfir threat-hunting digital-forensics sigma soc security-tools blue-team mitre-attack evtx threat-detection windows-event-logs windows-security detection-engineering event-log-analysis zavetsec

• Updated Jun 5, 2026
• PowerShell

This project aims to redesign Windows audit policy configurations to reduce log noise and enhance detection clarity within Splunk. The objective is to produce a streamlined, purposeful audit policy that supports effective threat detection, baselining, and investigative workflows in a lab or SOC simulation environment.

windows-security-auditing audit-policy-optimization splunk-detection-engineering soc-lab-automation event-log-analysis

• Updated Jun 30, 2025
• Jupyter Notebook

A modern Flet-based UI for PM4PY that enables process mining, discovery, conformance checking, filtering, and analysis of event logs without writing code.

python bpmn petri-net process-mining business-process-management conformance-checking process-discovery pm4py process-analytics flet process-intelligence event-log-analysis

• Updated Mar 11, 2026
• Python

BeCode AD lab on Azure : build, harden, detect. 11 MITRE techniques, 11/11 detection rate. External credential-stuffing capture as real-world validation.

active-directory sysmon threat-hunting homelab red-team blue-team becode mitre-attack security-monitoring azure-lab purple-team kerberoasting detection-engineering lolbin incident-detection windows-server-2025 event-log-analysis gpo-hardening powershell-logging

• Updated May 19, 2026
• HTML