Alternatives and similar repositories for EzETW

Users that are interested in EzETW are comparing it to the libraries listed below

• RedSiege / CLM-Base64
  This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode
  ☆27Updated last year
• lkarlslund / azureimposter
  Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token
  ☆26Updated 3 years ago
• api0cradle / BGInfo
  ☆15Updated 7 years ago
• idnahacks / NetCeasePlusPlus
  Takes the original idea of NetCease and adds functionality
  ☆24Updated 3 years ago
• vu-ls / applywdac
  ☆23Updated 10 months ago
• skelsec / winacl
  Platform independent library for interfacing windows security descriptors
  ☆22Updated this week
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆26Updated 4 months ago
• netwrix / LAPS-Permissions-Collection
  Looks up permissions within Active Directory on a target (OU or Computer) to determine access to LAPS attributes (ms-Mcs-AdmPwdExpiration…
  ☆16Updated 2 years ago
• cfalta / ADT
  Active Directory Toolkit
  ☆20Updated 6 years ago
• X-C3LL / wfp-reader
  Proof of concept - Covert Channel using Windows Filtering Platform (C#)
  ☆21Updated 4 years ago
• fastlorenzo / redelk-kibana-app
  Kibana app for RedELK
  ☆18Updated 2 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆17Updated last year
• kacos2000 / Evtx_Log_Browser
  Evtx Log (xml) Browser
  ☆56Updated 2 years ago
• YossiSassi / AD-Replication-Metadata
  Track previous changes on specific AD accounts (users, computers) and Groups (online DC), even if event logs were wiped/not collected (e.…
  ☆16Updated 10 months ago
• gtworek / SysvolExplorer
  Active Directory Group Policy analyzer
  ☆18Updated 6 years ago
• jakehildreth / adcs-snippets
  Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.
  ☆35Updated last year
• danielbohannon / DevSec-Defense
  Accompanying PowerShell Modules for DevSec Defense Presentation
  ☆30Updated 7 years ago
• HackingThings / SuperSneakyExec
  Loading and executing shellcode in C# without PInvoke.
  ☆22Updated 3 years ago
• nccgroup / WindowsMemPageDelta
  A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection
  ☆32Updated 5 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆45Updated 5 years ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• SecurityJosh / MuteSysmon
  A PowerShell script to prevent Sysmon from writing its events
  ☆16Updated 5 years ago
• nickvangilder / To-Safe-Mode-And-Beyond
  A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…
  ☆16Updated 4 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆22Updated 2 years ago
• k3idii / ION
  Indicators of Normality
  ☆11Updated 3 years ago
• Xenov-X / PoSH_Teams_Message_Thief
  Quick and dirty PoSH code to read teams messages
  ☆23Updated 11 months ago
• am0nsec / MCGC
  Minimalist Custom .NET Core Garbage Collector
  ☆23Updated 5 years ago
• OmerYa / ROP-From-Zero-to-Nation-State-In-25-Minutes
  Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
  ☆16Updated 5 years ago
• nccgroup / mimikatz-detector-busylight
  USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…
  ☆20Updated 3 years ago
• Apr4h / GetInjectedThreads
  C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
  ☆53Updated 4 years ago