0xrawsec / golang-etw
☆43 · Sep 22, 2022 · Updated 3 years ago
Alternatives and similar repositories for golang-etw
Users that are interested in golang-etw are comparing it to the libraries listed below
- Go library for ETW (Event Tracing for Windows) events processing ☆72 · Jul 13, 2022 · Updated 3 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj… ☆42 · May 9, 2019 · Updated 6 years ago
- Terraform playbook of a vulnerable Azure deployment ☆10 · Apr 28, 2022 · Updated 3 years ago
- Provides a multi-platform Graphical User Interface for hashlookup ☆12 · Jul 12, 2024 · Updated last year
- Imphash-like calculation on Golang binaries ☆49 · Jul 2, 2022 · Updated 3 years ago
- Go implementation of an Extensible Storage Engine parser ☆32 · Feb 15, 2025 · Updated last year
- Erebus is a payload generator written in Nim. ☆16 · Jun 13, 2023 · Updated 2 years ago
- ☆11 · Mar 12, 2021 · Updated 4 years ago
- ☆57 · Apr 19, 2023 · Updated 2 years ago
- Lightweight Threat Detection System - (Base) ☆15 · Apr 15, 2024 · Updated last year
- string encryption in Nim ☆20 · Jun 15, 2024 · Updated last year
- Microsoft365 Device Code Phishing Framework ☆39 · Sep 4, 2021 · Updated 4 years ago
- Repository with selected IOCs and YARA rules for threat hunting. ☆35 · May 21, 2025 · Updated 8 months ago
- service location protocol amplified denial of service attack verification tool ☆16 · Apr 25, 2023 · Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations ☆160 · Mar 1, 2024 · Updated last year
- Simple tool to dump/hide services in services.exe process. ☆14 · Apr 22, 2022 · Updated 3 years ago
- ☆27 · Jul 13, 2025 · Updated 7 months ago
- ☆22 · Jan 31, 2023 · Updated 3 years ago
- ☆18 · Apr 4, 2019 · Updated 6 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting ☆202 · Jan 13, 2022 · Updated 4 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later ☆95 · May 9, 2023 · Updated 2 years ago
- ☆16 · Apr 30, 2024 · Updated last year
- Repository for scripts and tips for "Yara Scan Service" ☆20 · Feb 19, 2023 · Updated 2 years ago
- CLI tool to compute the TypeRefHash for .NET binaries. ☆19 · Nov 10, 2021 · Updated 4 years ago
- Corsair LL Access driver abuse ☆24 · Apr 16, 2021 · Updated 4 years ago
- Manage Your Large Team of Consultants ☆11 · Sep 18, 2025 · Updated 4 months ago
- Utility functions for building Windows kernel drivers in Rust ☆20 · Nov 16, 2021 · Updated 4 years ago
- ScrapeAW is a framework that without API scrape IPs across the world using Shodan ☆11 · May 16, 2024 · Updated last year
- Code Exec via Excel ☆89 · Jul 31, 2017 · Updated 8 years ago
- ☆24 · Aug 30, 2019 · Updated 6 years ago
- A small example of loading BOFs in Python with pure reflection ☆19 · Jan 26, 2023 · Updated 3 years ago
- Virus Total Free - IOC parser and report generator ☆25 · Mar 19, 2023 · Updated 2 years ago
- Get the process name or process id on Windows ☆20 · Jun 1, 2025 · Updated 8 months ago
- The repository accompanying the Buer Emulation workshop ☆23 · Aug 18, 2021 · Updated 4 years ago
- Exploits made practicing for OSCE ☆23 · Dec 3, 2020 · Updated 5 years ago
- Just another elf library ☆31 · Dec 28, 2023 · Updated 2 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting ☆23 · Oct 26, 2019 · Updated 6 years ago
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆22 · Mar 26, 2023 · Updated 2 years ago
- CVE-2022-37042 Zimbra Auth Bypass leads to RCE ☆30 · Dec 9, 2022 · Updated 3 years ago