Alternatives and similar repositories for ETWMonitor

Users that are interested in ETWMonitor are comparing it to the libraries listed below

• sadshade / veeam-creds
  Collection of scripts to retrieve stored passwords from Veeam Backup
  ☆132Updated last month
• daddycocoaman / dumpscan
  Finding secrets in kernel and user memory
  ☆116Updated last year
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• sensepost / mydumbedr
  ☆119Updated last year
• soufianetahiri / RansomwareSimulator.public
  Ransomware simulator written in C#
  ☆37Updated 3 years ago
• CICADA8-Research / MyMSIAnalyzer
  Analyse MSI files for vulnerabilities
  ☆137Updated 10 months ago
• MalwareTech / HiddenDesktop
  Create and enumerate hidden desktops.
  ☆90Updated last year
• p0dalirius / FindUnusualSessions
  A tool to remotely detect unusual sessions opened on windows machines using RPC
  ☆115Updated last month
• MzHmO / Privileger
  Privileger is a tool to work with Windows Privileges
  ☆136Updated 2 years ago
• notdodo / LocalAdminSharp
  .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
  ☆157Updated 2 years ago
• mlcsec / FormThief
  Spoofing desktop login applications with WinForms and WPF
  ☆176Updated last year
• p0dalirius / ldap2json
  The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
  ☆136Updated 8 months ago
• hackerhouse-opensource / WMIProcessWatcher
  A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
  ☆135Updated last year
• icyguider / NewPowerDNS
  Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.
  ☆84Updated 2 years ago
• Octoberfest7 / DNS_Tunneling
  DNS Tunneling using powershell to download and execute a payload. Works in CLM.
  ☆219Updated 3 years ago
• dsnezhkov / shutter
  ☆119Updated 4 years ago
• georgesotiriadis / MalwareDev
  ☆85Updated 2 years ago
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆66Updated 2 years ago
• SafeBreach-Labs / aikido_wiper
  ☆67Updated 2 years ago
• ProcessusT / Bypass-AV-DirectSyscalls
  Scripts permettant de contourner la protection antivirale de Windows Defender via la technique de Direct Syscalls avec une injection de s…
  ☆30Updated 2 years ago
• ghostpepper108 / Evasion
  ☆107Updated 2 years ago
• AetherBlack / abuseACL
  A python script to automatically list vulnerable Windows ACEs/ACLs.
  ☆57Updated 3 weeks ago
• maliciousgroup / C2_Automation
  C2 Automation using Linode
  ☆82Updated 2 years ago
• FourCoreLabs / LolDriverScan
  Scan vulnerable drivers on Windows with loldrivers.io
  ☆181Updated last year
• bohops / DynamicDotNet
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆143Updated last year
• NUL0x4C / DeleteShadowCopies
  Deleting Shadow Copies In Pure C++
  ☆114Updated 2 years ago
• xaitax / PatchaPalooza
  A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.
  ☆185Updated 4 months ago
• WildByDesign / ACLViewer
  ACL Viewer for Windows
  ☆125Updated 2 months ago
• mallo-m / AxiomLoader
  Shellcode loader based on indirect syscall
  ☆22Updated 5 months ago
• LaresLLC / ScrapingKit
  Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if y…
  ☆100Updated 2 years ago