Alternatives and similar repositories for WinLogHunt

Users that are interested in WinLogHunt are comparing it to the libraries listed below

• jonny-jhnson / JonMon-Lite
  ☆47Updated 5 months ago
• I3IT / Detect.Remote.ShadowSnapshot.Dump
  Detect Remote Local Credentials Dumping using a Shadow Snapshot
  ☆30Updated 9 months ago
• jonny-jhnson / LDAPMon
  ☆45Updated 2 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated 2 years ago
• rbmm / Hollowed-Process
  ☆30Updated 2 months ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated last year
• FuzzySecurity / SAFACon-Vienna
  ☆23Updated last year
• bartblaze / DotNet-MetaData
  Identifies metadata of .NET binary files.
  ☆21Updated last year
• dobin / DetonatorAgent
  Detonate malware on VMs and get logs & detection status
  ☆60Updated last week
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆50Updated 2 years ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆19Updated 2 years ago
• atabetnouhaila / API-hashing
  ☆18Updated last year
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• vysecurity / Nemesis-Download-Watcher
  Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.
  ☆15Updated last year
• cod3nym / Ghosting-AMSI
  Ghosting-AMSI
  ☆18Updated 6 months ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆45Updated last year
• redskal / SharpAzbelt
  .NET port of Leron Gray's azbelt tool.
  ☆26Updated 2 years ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• Teach2Breach / NtCreateUserProcess_rs
  example using NtCreateUserProcess in rust
  ☆19Updated 9 months ago
• jonny-jhnson / MSFT_DriverBlockList
  Repository of Microsoft Driver Block Lists based off of OS-builds
  ☆40Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Updated 2 years ago
• decoder-it / Troopers24
  ☆41Updated last year
• 0xe7 / EventSniper
  ☆20Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆74Updated 3 years ago
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆29Updated last year
• HulkOperator / AuthStager
  ☆58Updated last year
• outflanknl / unmanaged-dotnet-patch
  Modify managed functions from unmanaged code
  ☆52Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• rbmm / ARL
  ☆24Updated 9 months ago