Alternatives and similar repositories for ETWMonitor

Users that are interested in ETWMonitor are comparing it to the libraries listed below

• p0dalirius / ldap2json
  The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
  ☆132Updated 6 months ago
• ProcessusT / vulnspy
  VULNSPY regularly retrieves the latest alerts published by the CERT-FR and the related vulnerabilities with their CVSS score and allows y…
  ☆38Updated 2 years ago
• akamai / Invoke-DHCPCheckup
  ☆103Updated last year
• p0dalirius / FindUnusualSessions
  A tool to remotely detect unusual sessions opened on windows machines using RPC
  ☆104Updated last month
• Leo4j / Invoke-SessionHunter
  Retrieve and display information about active user sessions on remote computers. No admin privileges required.
  ☆184Updated 9 months ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 7 months ago
• Elymaro / PassTester
  Identify the accounts most vulnerable to dictionary attacks
  ☆119Updated last month
• ProcessusT / Bypass-AV-DirectSyscalls
  Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de s…
  ☆28Updated 2 years ago
• LuemmelSec / Client-Checker
  ☆174Updated 5 months ago
• ProcessusT / Dictofuscation
  Obfuscate the bytes of your payload with an association dictionary
  ☆59Updated last week
• ANSSI-FR / guide-journalisation-microsoft
  Guide journalisation Microsoft
  ☆60Updated 10 months ago
• AetherBlack / abuseACL
  A python script to automatically list vulnerable Windows ACEs/ACLs.
  ☆53Updated 5 months ago
• NUL0x4C / NoRunPI
  Run Your Payload Without Running Your Payload
  ☆181Updated 2 years ago
• ProcessusT / CobaltStrikeBypassDefender
  A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique
  ☆26Updated 2 years ago
• icyguider / NewPowerDNS
  Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.
  ☆83Updated 2 years ago
• xaitax / PatchaPalooza
  A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.
  ☆182Updated 2 months ago
• soufianetahiri / RansomwareSimulator.public
  Ransomware simulator written in C#
  ☆36Updated 2 years ago
• ricardojoserf / SharpCovertTube
  Youtube as C2 channel - Control Windows systems uploading QR videos to Youtube
  ☆89Updated 10 months ago
• CobblePot59 / ADcheck
  Assess the security of your Active Directory with few or all privileges.
  ☆316Updated 3 weeks ago
• mallo-m / AxiomLoader
  Shellcode loader based on indirect syscall
  ☆22Updated 3 months ago
• synacktiv / ntdissector
  ☆139Updated 9 months ago
• JoelGMSec / PSAsyncShell
  PowerShell Asynchronous TCP Reverse Shell
  ☆157Updated last year
• ProcessusT / MasterKeyBrute
  Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager
  ☆19Updated 4 months ago
• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆184Updated last year
• synacktiv / Invoke-RunAsWithCert
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆150Updated last year
• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆114Updated 2 years ago
• mtth-bfft / adeleg
  Active Directory delegation management tool
  ☆298Updated last year
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆151Updated last year
• zeronetworks / ldapfw
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆155Updated 4 months ago
• 0xJs / domain_audit
  Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.
  ☆164Updated 7 months ago