Alternatives and similar repositories for ETWMonitor

Users that are interested in ETWMonitor are comparing it to the libraries listed below

• ProcessusT / vulnspy
  VULNSPY regularly retrieves the latest alerts published by the CERT-FR and the related vulnerabilities with their CVSS score and allows y…
  ☆38Updated 2 years ago
• p0dalirius / ldap2json
  The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
  ☆136Updated 8 months ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆114Updated 2 years ago
• ricardojoserf / SharpCovertTube
  Youtube as C2 channel - Control Windows systems uploading QR videos to Youtube
  ☆90Updated last year
• ANSSI-FR / guide-journalisation-microsoft
  Guide journalisation Microsoft
  ☆69Updated 11 months ago
• mgeeky / msidump
  MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.
  ☆213Updated 2 years ago
• ProcessusT / MasterKeyBrute
  Bruteforce DPAPI encrypted MasterKey File from Windows Credentials Manager
  ☆21Updated 5 months ago
• Octoberfest7 / DNS_Tunneling
  DNS Tunneling using powershell to download and execute a payload. Works in CLM.
  ☆219Updated 3 years ago
• soufianetahiri / RansomwareSimulator.public
  Ransomware simulator written in C#
  ☆37Updated 3 years ago
• mallo-m / AxiomLoader
  Shellcode loader based on indirect syscall
  ☆22Updated 4 months ago
• NUL0x4C / NoRunPI
  Run Your Payload Without Running Your Payload
  ☆182Updated 2 years ago
• ProcessusT / Bypass-AV-DirectSyscalls
  Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de s…
  ☆30Updated 2 years ago
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆181Updated last year
• winsecurity / Offensive-C-Sharp
  ☆164Updated 2 years ago
• Elymaro / PassTester
  Identify the accounts most vulnerable to dictionary attacks
  ☆120Updated 2 months ago
• BlackSnufkin / PT-ToolKit
  Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement
  ☆65Updated 3 years ago
• CodeXTF2 / WindowSpy
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆275Updated 4 months ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• deepinstinct / NoFilter
  ☆300Updated 8 months ago
• JoelGMSec / PSAsyncShell
  PowerShell Asynchronous TCP Reverse Shell
  ☆158Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 9 months ago
• StevenD33 / Lab-DFIR-SOC
  ☆67Updated 4 years ago
• mtth-bfft / adeleg
  Active Directory delegation management tool
  ☆301Updated 2 years ago
• LuemmelSec / Client-Checker
  ☆183Updated 2 weeks ago
• S12cybersecurity / RDPCredentialStealer
  RDPCredentialStealer it's a malware that steal credentials provided by users in RDP using API Hooking with Detours in C++
  ☆249Updated 2 years ago
• SafeBreach-Labs / aikido_wiper
  ☆67Updated 2 years ago
• icyguider / NewPowerDNS
  Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.
  ☆84Updated 2 years ago
• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆184Updated last year
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆176Updated 2 years ago
• LETHAL-FORENSICS / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆242Updated 2 months ago