Alternatives and similar repositories for WinLogHunt

Users that are interested in WinLogHunt are comparing it to the libraries listed below

• MythicMeta / Pantheon

  View on GitHub
  Community Eventing and Scripting examples
  ☆18Aug 11, 2025Updated 6 months ago
• saileaxh / DetectNtoskrnlIntegrity

  View on GitHub
  Windows Kernel Security: Memory Integrity Verification with Disk Verification of ntoskrnl.exe
  ☆15Mar 23, 2025Updated 10 months ago
• Octoberfest7 / ThreadCPUAssignment_POC

  View on GitHub
  A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread
  ☆30Sep 24, 2025Updated 4 months ago
• corelight / detect-ransomware-filenames

  View on GitHub
  ☆18Dec 20, 2024Updated last year
• Qfrost911 / KACE

  View on GitHub
  Emulate Drivers in RING3 with self context mapping or unicorn
  ☆21Jan 1, 2025Updated last year
• NeoMaster831 / rwDriver

  View on GitHub
  Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`
  ☆22Feb 10, 2024Updated 2 years ago
• tasox / Epimitheus

  View on GitHub
  Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.
  ☆19Mar 13, 2022Updated 3 years ago
• Zeyad-Azima / ShellcodeGenZ

  View on GitHub
  GenZ Shellcode Generator to execute commands with winExec API
  ☆22Apr 27, 2025Updated 9 months ago
• tsarpaul / RpcEnumIDA

  View on GitHub
  XPN's RpcEnum but based on IDA instead of Ghidra
  ☆21Aug 17, 2019Updated 6 years ago
• outflanknl / regcertipy

  View on GitHub
  Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does
  ☆94Jul 3, 2025Updated 7 months ago
• T1erno / bin2shellcode

  View on GitHub
  C++ tool and library for converting .bin files to shellcode in multiple output formats.
  ☆33Aug 18, 2025Updated 5 months ago
• bohops / COM-to-the-Darkside

  View on GitHub
  Slides and resources from MCTTP 2025 Talk
  ☆66Oct 26, 2025Updated 3 months ago
• OtterHacker / AWSRedirector

  View on GitHub
  ☆57Feb 16, 2025Updated 11 months ago
• jhalon / cSessionHop

  View on GitHub
  Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM
  ☆61Dec 25, 2025Updated last month
• FalconForceTeam / bof-winrm-plugin-jump

  View on GitHub
  ☆33Jan 23, 2025Updated last year
• ManulMap / malstring

  View on GitHub
  Using c++23 compile-time magic to produce obfuscated PIC strings and arrays.
  ☆31Jun 5, 2024Updated last year
• EvilBytecode / Ntdll-Unhook

  View on GitHub
  Unhook Ntdll.dll, Go & C++.
  ☆32Apr 21, 2025Updated 9 months ago
• 0xbad53c / OffSecOps-Arsenal

  View on GitHub
  Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.
  ☆45Aug 16, 2024Updated last year
• S3N4T0R-0X0 / Hunter

  View on GitHub
  Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…
  ☆91Apr 23, 2025Updated 9 months ago
• kr0tt / EarlyExceptionHandling

  View on GitHub
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆136Aug 31, 2025Updated 5 months ago
• nccgroup / UninstalledAppCanary

  View on GitHub
  A Canary which fires when uninstalled
  ☆34Mar 16, 2021Updated 4 years ago
• p0dalirius / bhopengraph

  View on GitHub
  A python library to create BloodHound OpenGraphs
  ☆52Feb 4, 2026Updated last week
• ricardojoserf / w11_shadow_copies

  View on GitHub
  Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11
  ☆81Jan 26, 2026Updated 2 weeks ago
• bitdefender / hypervinject-poc

  View on GitHub
  ☆58Jul 31, 2025Updated 6 months ago
• knight0x07 / WinRAR-CVE-2025-8088-PoC-RAR

  View on GitHub
  WinRAR 0day CVE-2025-8088 PoC RAR Archive
  ☆45Aug 12, 2025Updated 6 months ago
• two06 / LinkedIntel

  View on GitHub
  LinkedIn recon the easy way
  ☆111Jul 3, 2025Updated 7 months ago
• zero2504 / COMouflage

  View on GitHub
  COM-based DLL Surrogate Injection
  ☆140Dec 9, 2025Updated 2 months ago
• brosck / L1LKiller

  View on GitHub
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆44Dec 7, 2024Updated last year
• rvrsh3ll / FindIngressEmail

  View on GitHub
  Find Inbound Email Domains
  ☆35Dec 21, 2023Updated 2 years ago
• RythmStick / ProxyPunch

  View on GitHub
  Finding SSL Blindspots for Red Teams
  ☆35Jul 28, 2020Updated 5 years ago
• krystianbajno / cveseeker

  View on GitHub
  💎 Vulnerability assessment and vulnerability intelligence tool searching for vulnerabilities and exploits using keywords across multiple…
  ☆36Nov 12, 2025Updated 3 months ago
• JJK96 / PIClin

  View on GitHub
  From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…
  ☆53Sep 22, 2025Updated 4 months ago
• yo-yo-yo-jbo / commandline_spoofing

  View on GitHub
  Commandline spoofing on Windows
  ☆93Nov 25, 2025Updated 2 months ago
• ryanq47 / CS-EXTC2-ICMP

  View on GitHub
  An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.
  ☆114Oct 6, 2025Updated 4 months ago
• mewrev / inject

  View on GitHub
  Minimal DLL-injection tool.
  ☆37Apr 5, 2016Updated 9 years ago
• paranoidninja / DotNetTracer

  View on GitHub
  C code to enable ETW tracing for Dotnet Assemblies
  ☆32Aug 12, 2022Updated 3 years ago
• warhorse / docker-cobaltstrike

  View on GitHub
  A Cobaltstrike container, built for Warhorse
  ☆37Aug 8, 2024Updated last year
• Hackcraft-Labs / SharpShares

  View on GitHub
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆34Nov 13, 2023Updated 2 years ago
• 3dnow / NtCreateLowBoxToken

  View on GitHub
  A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering
  ☆42Jun 10, 2025Updated 8 months ago