SadProcessor / EzETWLinks
Cmdlets for capturing Windows Events
☆14Updated 3 years ago
Alternatives and similar repositories for EzETW
Users that are interested in EzETW are comparing it to the libraries listed below
Sorting:
- Threat Mitigation Strategies☆25Updated last year
- Platform independent library for interfacing windows security descriptors☆18Updated 5 months ago
- Speaking materials from conferences I've given☆9Updated 2 years ago
- ☆23Updated 3 months ago
- ☆16Updated 7 years ago
- Accompanying PowerShell Modules for DevSec Defense Presentation☆29Updated 7 years ago
- Parser for Windows PowerShell script block logs☆13Updated 5 months ago
- Active Directory Group Policy analyzer☆14Updated 5 years ago
- Takes the original idea of NetCease and adds functionality☆24Updated 3 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Collection Of Scripts And Utilities For Windows Event Hunting☆18Updated 5 years ago
- Lets you write arbitrary registry entries to Group Policy related .pol files (e.g. registry.pol)☆11Updated 5 years ago
- BloodHound Data Scanner☆45Updated 4 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated 2 years ago
- Set of ultra technical notes about AD☆18Updated 7 years ago
- ☆26Updated 6 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Updated 2 years ago
- ☆9Updated 8 years ago
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode☆26Updated last year
- Defensive-oriented Active Directory enumeration☆24Updated 9 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- Custom scripts released for BSidesDC 2016☆14Updated 8 years ago
- AD Live changes viewer☆36Updated 2 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Updated 3 years ago
- Offensive tool for guessing Active Directory credentials via Kerberos☆9Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 2 years ago
- Automatically generated Sysmon parser for Azure Sentinel☆17Updated this week
- A PowerShell script to prevent Sysmon from writing its events☆15Updated 5 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Updated 3 years ago
- ☆12Updated 3 years ago