Alternatives and similar repositories for EzETW

Users that are interested in EzETW are comparing it to the libraries listed below

• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated 2 years ago
• idnahacks / NetCeasePlusPlus
  Takes the original idea of NetCease and adds functionality
  ☆24Updated 3 years ago
• lkarlslund / azureimposter
  Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token
  ☆26Updated 2 years ago
• RedSiege / CLM-Base64
  This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode
  ☆26Updated last year
• automate-tim / conference-materials
  Speaking materials from conferences I've given
  ☆9Updated 2 years ago
• gtworek / SysvolExplorer
  Active Directory Group Policy analyzer
  ☆14Updated 5 years ago
• vu-ls / applywdac
  ☆23Updated 4 months ago
• skelsec / winacl
  Platform independent library for interfacing windows security descriptors
  ☆19Updated 6 months ago
• gpoguy / setpol
  Lets you write arbitrary registry entries to Group Policy related .pol files (e.g. registry.pol)
  ☆11Updated 5 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated 2 years ago
• randomaccess3 / block-parser
  Parser for Windows PowerShell script block logs
  ☆13Updated 6 months ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆45Updated 5 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Updated 2 years ago
• HarmJ0y / Invoke-ADDefense
  Defensive-oriented Active Directory enumeration
  ☆24Updated 9 years ago
• k3idii / ION
  Indicators of Normality
  ☆11Updated 2 years ago
• Xenov-X / PoSH_Teams_Message_Thief
  Quick and dirty PoSH code to read teams messages
  ☆22Updated 5 months ago
• kacos2000 / Evtx_Log_Browser
  Evtx Log (xml) Browser
  ☆56Updated 2 years ago
• RemiEscourrou / Invoke-Leghorn
  Leghorn code for PKI abuse
  ☆32Updated 4 years ago
• woanware / etw-event-dumper
  ☆33Updated 3 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 4 years ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 5 years ago
• commial / LiveDiffAD
  AD Live changes viewer
  ☆36Updated 2 years ago
• HackingThings / SuperSneakyExec
  Loading and executing shellcode in C# without PInvoke.
  ☆22Updated 3 years ago
• cfalta / ADT
  Active Directory Toolkit
  ☆20Updated 6 years ago
• api0cradle / BGInfo
  ☆16Updated 7 years ago
• Apr4h / GetInjectedThreads
  C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
  ☆54Updated 4 years ago
• ConstantinT / Lantern
  ☆23Updated 3 years ago
• fastlorenzo / redelk-kibana-app
  Kibana app for RedELK
  ☆17Updated 2 years ago
• nickvangilder / To-Safe-Mode-And-Beyond
  A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…
  ☆16Updated 3 years ago