Live ETW-TI event viewer for Windows kernel threat-intelligence telemetry. Research tool for exploring the same signals commercial EDRs rely on.
☆140 · Apr 15, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for EtwTiViewer
Users that are interested in EtwTiViewer are comparing it to the libraries listed below.
- Cobalt Strike notifications via NTFY. ☆15 · Sep 24, 2024 · Updated last year
- Course materials for Ethical Hacking and Penetration Testing ☆10 · Jun 25, 2022 · Updated 3 years ago
- Bypass user-land hooks by syscall tampering via the Trap Flag ☆139 · Aug 25, 2025 · Updated 8 months ago
- ☆14 · Sep 26, 2023 · Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end. ☆17 · Aug 14, 2023 · Updated 2 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR ☆21 · Feb 8, 2024 · Updated 2 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX. ☆16 · Aug 19, 2025 · Updated 8 months ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions. ☆25 · Mar 19, 2026 · Updated last month
- ☆200 · Mar 28, 2025 · Updated last year
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si… ☆47 · Feb 6, 2026 · Updated 2 months ago
- Here you can find some vulnerable Windows Kernel Drivers ☆13 · Feb 21, 2025 · Updated last year
- Payload Generation Workflow ☆41 · Jul 18, 2025 · Updated 9 months ago
- PowerShell Script to automatically abuse the BadSuccessor vulnerability (CVE-2025-53779) ☆45 · Nov 19, 2025 · Updated 5 months ago
- ☆48 · Dec 21, 2025 · Updated 4 months ago
- This repository will contain source codes from the Tradecraft improvement blog series ☆15 · Mar 27, 2025 · Updated last year
- ExchangeHound is a defensive BloodHound OpenGraph collector for on-prem Microsoft Exchange that maps mailbox delegation and Exchange priv… ☆68 · Apr 17, 2026 · Updated 2 weeks ago
- This is a simulation of attack by (Voodoo Bear) APT group targeting entities in Eastern Europe the attack campaign was active as early as… ☆11 · Jun 19, 2024 · Updated last year
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use. ☆21 · Updated this week
- PoC framework for Sliver compilation ☆22 · Jan 14, 2025 · Updated last year
- An offensive toolkit for restless guests #DEFCON33 ☆59 · Aug 11, 2025 · Updated 8 months ago
- ☆31 · Aug 13, 2025 · Updated 8 months ago
- AI-based Ludus range configuration builder ☆29 · May 6, 2025 · Updated 11 months ago
- A tool to assist DLL hijacking via the Havoc GUI ☆13 · Jan 9, 2024 · Updated 2 years ago
- Parses Snaffler output file and generate beautified outputs. ☆142 · Jan 4, 2026 · Updated 4 months ago
- Shellcode injection using the Windows Debugging API ☆178 · Jan 4, 2026 · Updated 4 months ago
- ☆15 · Apr 29, 2023 · Updated 3 years ago
- Nim implementation for sud0Ru's Credential Dumping from SAM/SECURITY Hives Method (a.k.a. SilentHarvest) ☆104 · Apr 4, 2026 · Updated last month
- abusing windows toast notifications for fun and user manipulation ☆100 · Mar 20, 2026 · Updated last month
- A modern GoPhish fork with improved tracking accuracy and smarter detection. ☆92 · Feb 16, 2026 · Updated 2 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader ☆46 · Sep 25, 2024 · Updated last year
- This repo for Windows x32-x64 Kernel/User Mode Exploitation writeups and exploits ☆24 · Oct 20, 2025 · Updated 6 months ago
- Self delete DLL (2) ☆14 · Feb 15, 2024 · Updated 2 years ago
- Random BOFs for LDAP tradecraft ☆74 · Sep 9, 2025 · Updated 7 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll ☆154 · Apr 18, 2025 · Updated last year
- Mythic C2 wrapper for NimSyscallPacker ☆25 · Mar 12, 2025 · Updated last year
- Bypassing Amsi using LdrLoadDll ☆48 · Jan 8, 2025 · Updated last year
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames ☆156 · Nov 23, 2025 · Updated 5 months ago
- Dump Teams conversations ☆18 · Jun 9, 2021 · Updated 4 years ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning ☆139 · Dec 7, 2025 · Updated 4 months ago