SadProcessor / EzETWLinks
Cmdlets for capturing Windows Events
☆14Updated 3 years ago
Alternatives and similar repositories for EzETW
Users that are interested in EzETW are comparing it to the libraries listed below
Sorting:
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode☆26Updated last year
- Platform independent library for interfacing windows security descriptors☆19Updated 7 months ago
- A Canary which fires when uninstalled☆34Updated 4 years ago
- ☆23Updated 5 months ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Updated 2 years ago
- Threat Mitigation Strategies☆25Updated 2 years ago
- Takes the original idea of NetCease and adds functionality☆24Updated 3 years ago
- Evtx Log (xml) Browser☆56Updated 2 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆31Updated 4 years ago
- Active Directory Group Policy analyzer☆14Updated 5 years ago
- Accompanying PowerShell Modules for DevSec Defense Presentation☆29Updated 7 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Updated 4 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Updated 3 years ago
- Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.☆33Updated last year
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated 2 years ago
- BloodHound Data Scanner☆45Updated 5 years ago
- A collection of my presentation materials.☆17Updated last year
- Quick and dirty PoSH code to read teams messages☆22Updated 6 months ago
- A tool to create COM class/interface relationships in neo4j☆50Updated 2 years ago
- ☆16Updated 7 years ago
- Active Directory Toolkit☆20Updated 6 years ago
- AD Live changes viewer☆36Updated 2 years ago
- Offensive tool for guessing Active Directory credentials via Kerberos☆9Updated last year
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser☆34Updated last year
- ☆23Updated 3 years ago
- Registry hive parsing the async way☆21Updated 4 months ago
- ☆28Updated 2 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆15Updated 4 years ago