Alternatives and similar repositories for EzETW:

Users that are interested in EzETW are comparing it to the libraries listed below

• idnahacks / NetCeasePlusPlus
  Takes the original idea of NetCease and adds functionality
  ☆24Updated 3 years ago
• gpoguy / setpol
  Lets you write arbitrary registry entries to Group Policy related .pol files (e.g. registry.pol)
  ☆11Updated 5 years ago
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year
• vu-ls / applywdac
  ☆23Updated last month
• automate-tim / conference-materials
  Speaking materials from conferences I've given
  ☆9Updated 2 years ago
• ReconInfoSec / adversary-emulation-map
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Updated 3 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated last year
• randomaccess3 / block-parser
  Parser for Windows PowerShell script block logs
  ☆13Updated 3 months ago
• CsaProtocol / PowerShell-FIM
  File integrity monitor proof-of-concept in PowerShell sends a message via Telegram when it detects changes to a specified directory. It c…
  ☆11Updated 2 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• danielbohannon / DevSec-Defense
  Accompanying PowerShell Modules for DevSec Defense Presentation
  ☆29Updated 7 years ago
• YossiSassi / AD-Replication-Metadata
  Track previous changes on specific AD accounts (users, computers) and Groups (online DC), even if event logs were wiped/not collected (e.…
  ☆16Updated 2 months ago
• api0cradle / BGInfo
  ☆16Updated 6 years ago
• lkarlslund / azureimposter
  Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token
  ☆26Updated 2 years ago
• Ben0xA / PowerShellScripts
  Random PowerShell Scripts
  ☆16Updated 3 years ago
• fastlorenzo / redelk-kibana-app
  Kibana app for RedELK
  ☆17Updated 2 years ago
• gtworek / SysvolExplorer
  Active Directory Group Policy analyzer
  ☆14Updated 5 years ago
• vletoux / ADSecrets
  Set of ultra technical notes about AD
  ☆18Updated 6 years ago
• Truneski / Invoke-DBC2
  ☆9Updated 8 years ago
• leechristensen / GetNTLMChallenge
  Obtains a crackable hash for the current user account
  ☆23Updated 6 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• HarmJ0y / Invoke-ADDefense
  Defensive-oriented Active Directory enumeration
  ☆23Updated 9 years ago
• HackingThings / SuperSneakyExec
  Loading and executing shellcode in C# without PInvoke.
  ☆20Updated 3 years ago
• X-C3LL / wfp-reader
  Proof of concept - Covert Channel using Windows Filtering Platform (C#)
  ☆21Updated 3 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆17Updated 11 months ago
• 0sm0s1z / Invoke-SelfSignedWebRequest
  This repo exists as a quick and dirty arsenal of methods and scripts to subvert .NET SSL/TLS certificate validation in PowerShell and pre…
  ☆11Updated 8 years ago
• tmenochet / PowerSpray
  Offensive tool for guessing Active Directory credentials via Kerberos
  ☆9Updated last year
• skelsec / winacl
  Platform independent library for interfacing windows security descriptors
  ☆17Updated 3 months ago
• jborean93 / PSDetour-Hooks
  Auditing Hooks for https://github.com/jborean93/PSDetour
  ☆12Updated 2 weeks ago
• FuzzySecurity / DotNetToJScript-LanguageModeBreakout
  ☆26Updated 6 years ago