Alternatives and similar repositories for golang-etw:

Users that are interested in golang-etw are comparing it to the libraries listed below

• D00Movenok / goMalleable
  🔎🪲 Malleable C2 profiles parser and assembler written in golang
  ☆61Updated 8 months ago
• aus / gopherheaven
  Go implementation of the Heaven's Gate technique
  ☆96Updated 3 years ago
• synacktiv / AMSI-Bypass
  Lists of AMSI triggers (VBA, JScript / VBScript)
  ☆32Updated 5 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• Ne0nd0g / go-clr
  A PoC package for hosting the CLR and executing .NET from Go
  ☆68Updated 6 months ago
• iammaguire / Gotato
  Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.
  ☆112Updated 3 years ago
• morph3 / Windows-RPC-Backdoor
  Simple windows rpc server for research purposes only
  ☆82Updated 2 years ago
• airzero24 / WMIReg
  PoC to interact with local/remote registry hives through WMI
  ☆84Updated 4 years ago
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated last year
• N4kedTurtle / ExecuteAssembly_Mailslot
  ☆36Updated 4 years ago
• ayoul3 / reflect-pe
  Reflectively load PE
  ☆102Updated 4 years ago
• timwhitez / Doge-Whisper
  golang implementation of Syswhisper2/Syswhisper3
  ☆23Updated 2 years ago
• timwhitez / Doge-Assembly
  Golang evasion tool, execute-assembly .Net file
  ☆94Updated 2 years ago
• jfmaes / SharpNukeEventLog
  nuke that event log using some epic dinvoke fu
  ☆116Updated 3 years ago
• audibleblink / dummyDLL
  Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
  ☆41Updated last year
• xpn / AppProxyC2
  ☆66Updated 3 years ago
• Cobalt-Strike / callback_examples
  This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions
  ☆30Updated 6 months ago
• soufianetahiri / CitrixSecureAccessAuthCookieDump
  Dump Citrix Secure Access auth cookie from the process memory
  ☆72Updated 2 years ago
• jsecurity101 / RandomPOCs
  Repo that holds random POCs
  ☆48Updated last year
• grines / goc2
  MacOS C2 Framework
  ☆82Updated 3 years ago
• RiccardoAncarani / TaskShell
  ☆56Updated 3 years ago
• Synzack / Go-Syscall-Examples
  Simple PoCs for utilizing Windows syscalls in Go
  ☆15Updated 4 years ago
• FalconForceTeam / SysWhispers2BOF
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆120Updated 2 years ago
• nettitude / RunOF
  ☆141Updated 2 years ago
• timwhitez / AddressOfEntryPoint-injection
  x64 version
  ☆30Updated 3 years ago
• wabzsy / gonut
  Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
  ☆41Updated last year
• N4kedTurtle / HellsGatePoC
  ☆50Updated 4 years ago
• sliverarmory / COFFLoader
  ☆42Updated 2 years ago
• citronneur / kerlab
  Kerberos laboratory to better understand and then detecting attack on kerberos
  ☆67Updated 3 years ago
• Allevon412 / PPL_Sandboxer
  ☆80Updated 2 years ago