Alternatives and similar repositories for ETWMonitor

Users that are interested in ETWMonitor are comparing it to the libraries listed below

• Octoberfest7 / DNS_Tunneling
  DNS Tunneling using powershell to download and execute a payload. Works in CLM.
  ☆229Updated 3 years ago
• sadshade / veeam-creds
  Collection of scripts to retrieve stored passwords from Veeam Backup
  ☆140Updated 6 months ago
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆184Updated 2 years ago
• p0dalirius / ldap2json
  The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
  ☆140Updated last year
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated 2 years ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆223Updated 2 years ago
• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆116Updated 3 years ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆96Updated 3 years ago
• LaresLLC / ScrapingKit
  Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if y…
  ☆99Updated 2 years ago
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆66Updated 2 years ago
• Mr-Un1k0d3r / ATP-PowerShell-Scripts
  Microsoft Signed PowerShell scripts
  ☆219Updated 2 years ago
• deepinstinct / NoFilter
  ☆302Updated last year
• SafeBreach-Labs / aikido_wiper
  ☆68Updated 2 years ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆118Updated 2 years ago
• ashemery / Anti-Forensics
  A Repository to Track Anti-Forensic Techniques
  ☆117Updated 2 years ago
• notdodo / LocalAdminSharp
  .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
  ☆158Updated 3 years ago
• sensepost / mydumbedr
  ☆120Updated last year
• mlcsec / FormThief
  Spoofing desktop login applications with WinForms and WPF
  ☆177Updated last year
• mattifestation / AntimalwareBlight
  Execute PowerShell code at the antimalware-light protection level.
  ☆141Updated 2 years ago
• OmriBaso / BesoToken
  A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).
  ☆93Updated 3 years ago
• georgesotiriadis / MalwareDev
  ☆84Updated 3 years ago
• soufianetahiri / RansomwareSimulator.public
  Ransomware simulator written in C#
  ☆37Updated 3 years ago
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• bohops / DynamicDotNet
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆146Updated last year
• MalwareTech / HiddenDesktop
  Create and enumerate hidden desktops.
  ☆88Updated last year
• trustedsec / SliverKeylogger
  ☆167Updated 2 years ago
• jconwell / secret_handshake
  A prototype malware C2 channel using x509 certificates over mTLS
  ☆151Updated last year
• synacktiv / ntdissector
  ☆163Updated 5 months ago