Alternatives and similar repositories for ETWMonitor

Users that are interested in ETWMonitor are comparing it to the libraries listed below

• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆42Updated last year
• markuta / bw-dump
  A proof-of-concept for (CVE-2023-38840) that extracts plaintext master passwords from a locked Bitwarden vault.
  ☆41Updated last year
• SafeBreach-Labs / aikido_wiper
  ☆68Updated 2 years ago
• georgesotiriadis / MalwareDev
  ☆84Updated 3 years ago
• FourCoreLabs / LolDriverScan
  Scan vulnerable drivers on Windows with loldrivers.io
  ☆182Updated 2 years ago
• mlcsec / FormThief
  Spoofing desktop login applications with WinForms and WPF
  ☆176Updated last year
• MalwareTech / HiddenDesktop
  Create and enumerate hidden desktops.
  ☆91Updated last year
• sensepost / mydumbedr
  ☆121Updated last year
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated 2 years ago
• ghostpepper108 / Evasion
  ☆108Updated 2 years ago
• hackerhouse-opensource / WMIProcessWatcher
  A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
  ☆134Updated last year
• Octoberfest7 / DNS_Tunneling
  DNS Tunneling using powershell to download and execute a payload. Works in CLM.
  ☆228Updated 3 years ago
• LaresLLC / ScrapingKit
  Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if y…
  ☆100Updated 2 years ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆116Updated 2 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆86Updated 2 months ago
• hackerhouse-opensource / Artillery
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆179Updated last year
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆104Updated 3 years ago
• JPCERTCC / CobaltStrike-Config
  Repository for archiving Cobalt Strike configuration
  ☆35Updated last week
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆66Updated 2 years ago
• p0dalirius / ldap2json
  The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
  ☆139Updated 10 months ago
• MzHmO / Privileger
  Privileger is a tool to work with Windows Privileges
  ☆138Updated 2 years ago
• mattifestation / AntimalwareBlight
  Execute PowerShell code at the antimalware-light protection level.
  ☆141Updated 2 years ago
• CICADA8-Research / MyMSIAnalyzer
  Analyse MSI files for vulnerabilities
  ☆138Updated last year
• sadshade / veeam-creds
  Collection of scripts to retrieve stored passwords from Veeam Backup
  ☆133Updated 3 months ago
• d1rkmtrr / PSpersist
  Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…
  ☆84Updated 2 years ago
• Orange-Cyberdefense / leHACK-2022
  ☆16Updated 3 years ago
• dsnezhkov / shutter
  ☆120Updated 4 years ago
• notdodo / LocalAdminSharp
  .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
  ☆160Updated 2 years ago
• maliciousgroup / C2_Automation
  C2 Automation using Linode
  ☆84Updated 3 years ago