GitHub

ntTraceControl -- Powershell Event Tracing Toolbox

ntTraceControl is a set of Powershell commands to forge/generate Windows logs. Simply put, ntTraceControl supports Detection teams by simplifying the testing of detection use cases and alerts without ...
GitHub

A PowerShell module for parsing exchange transport log files on further investigation.

This command takes single logfile, hole folders or folder structures with logfiles, parse trough the files and put out an valid an flatten parseable object. Anyboday, who tried to read native ...