Awesome

Sample EVTX Repository:

The sample .evtx files come from the following repositories:

• DeepBlueCLI - Attack detection tool written in Powershell.
• EVTX ATTACK Samples - EVTX attack sample event log files by SBousseaden.
• EVTX-to-MITRE-Attack - Another great repository of EVTX attack sample logs mapped to ATT&CK.

as well as originally created .evtx files from Yamato Security.

We are trying to gather as many evtx files as we can for detection engineering.

Warning: Anti-virus sometimes will mistakenly alert when downloading and/or unzipping this repository due to keywords like "mimikatz", etc... There are no executable files in this repository so they are all false positives.