Alternatives and similar repositories for WinLogHunt

Users that are interested in WinLogHunt are comparing it to the libraries listed below

• jonny-jhnson / JonMon-Lite
  ☆48Updated 7 months ago
• rbmm / Hollowed-Process
  ☆30Updated 4 months ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆43Updated 2 years ago
• jonny-jhnson / LDAPMon
  ☆46Updated 2 years ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆65Updated 2 years ago
• I3IT / Detect.Remote.ShadowSnapshot.Dump
  Detect Remote Local Credentials Dumping using a Shadow Snapshot
  ☆31Updated 11 months ago
• ashemery / REDM
  Reverse Engineering and Debugging Malware
  ☆32Updated 2 years ago
• cod3nym / Ghosting-AMSI
  Ghosting-AMSI
  ☆18Updated 8 months ago
• bartblaze / DotNet-MetaData
  Identifies metadata of .NET binary files.
  ☆21Updated last year
• atabetnouhaila / API-hashing
  ☆18Updated last year
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆39Updated 10 months ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated last year
• kozmer / silentpulse
  single-threaded event driven sleep obfuscation poc for linux
  ☆37Updated 7 months ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• matthw / malware_analysis
  ☆18Updated last year
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated 2 years ago
• HulkOperator / AuthStager
  ☆59Updated last year
• Teach2Breach / NtCreateUserProcess_rs
  example using NtCreateUserProcess in rust
  ☆19Updated 11 months ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆52Updated last year
• FuzzySecurity / SAFACon-Vienna
  ☆23Updated last year
• rasta-mouse / KerbApp
  ☆32Updated last year
• ACE-Responder / rpcfirewall-extended-telemetry
  ☆15Updated last year
• FarghlyMal / Config-Extractors
  ☆27Updated last year
• codewhitesec / SysmonEnte
  ☆76Updated 3 years ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆30Updated last year
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆35Updated 2 years ago
• ustayready / tradecraft
  Red Teaming Tradecraft
  ☆28Updated 3 years ago
• Logisek / CalcOrItDidntHappen
  A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch cal…
  ☆33Updated last week
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆19Updated 2 years ago