Public Catalog Sources
Public repositories available in the log catalog.
Yamato Security Hayabusa
Yamato-Security/hayabusa-sample-evtx
Curated log samples for Hayabusa rule testing. Includes samples from community attack datasets, DeepBlueCLI, and MITRE ATT&CK®-mapped collections.
License: MIT
Attack Samples
sbousseaden/EVTX-ATTACK-SAMPLES
Windows event samples mapped to MITRE ATT&CK® techniques. ~200 files organized by tactic: Credential Access, Defense Evasion, Execution, Lateral Movement, Persistence, Privilege Escalation, and more.
License: GPL-3.0
EVTX to MITRE Attack
mdecrevoisier/EVTX-to-MITRE-Attack
Log samples organized by MITRE ATT&CK® technique IDs (e.g. TA0002-Execution/T1059.001-PowerShell). Covers Initial Access, Execution, Persistence, Credential Access, Lateral Movement, and more.
License: CC-BY-4.0
See Supported Log Types for which log formats can be processed.