airbus-cert / PSTrace
Trace ScriptBlock execution for PowerShell v2
☆40 · Jan 14, 2020 · Updated 6 years ago
Alternatives and similar repositories for PSTrace
Users that are interested in PSTrace are comparing it to the libraries listed below
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data ☆39 · Mar 23, 2020 · Updated 5 years ago
- A simple parser (library) which extracts shimcache data from Windows. ☆15 · May 20, 2019 · Updated 6 years ago
- ☆21 · Jun 3, 2021 · Updated 4 years ago
- ☆42 · Sep 16, 2022 · Updated 3 years ago
- A Splunk Technology Add-on to forward filtered ETW events. ☆30 · Oct 14, 2020 · Updated 5 years ago
- Anomaly detection from Windows authentication logs ☆18 · Apr 16, 2021 · Updated 4 years ago
- A modern Python-3-based alternative to RegRipper ☆205 · Mar 31, 2025 · Updated 10 months ago
- A C# tool for enumerating remote access policies through group policy. ☆73 · Apr 18, 2019 · Updated 6 years ago
- Tools for analysing the forward DNS data set published at https://scans.io/study/sonar.fdns_v2 ☆17 · Sep 17, 2017 · Updated 8 years ago
- PowerShell Pass The Hash Utils ☆16 · Dec 9, 2018 · Updated 7 years ago
- A rewrite of mactime, a bodyfile reader ☆39 · Aug 5, 2024 · Updated last year
- Control Flow Guard Teleportation demo ☆23 · Jul 28, 2019 · Updated 6 years ago
- A series of GPO templates ☆21 · Jan 2, 2017 · Updated 9 years ago
- GPO Bypass is a tool / proof-of-concept that highlights how one can bypass Group Policy enforced policies. It uses Firefox as an example. ☆14 · Jan 28, 2023 · Updated 3 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word ☆40 · Dec 20, 2016 · Updated 9 years ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon ☆216 · Sep 17, 2019 · Updated 6 years ago
- Presentations and example code from various sessions. ☆23 · Sep 28, 2020 · Updated 5 years ago
- CVE-2024-53691 ☆14 · Jan 13, 2025 · Updated last year
- The official exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224 ☆14 · Jan 10, 2020 · Updated 6 years ago
- Microsoft decompiled IrDA drivers ☆16 · Apr 15, 2015 · Updated 10 years ago
- Check for known iframeBuster XSS ☆12 · Sep 25, 2024 · Updated last year
- PowerShell Module Template with GitHub, PowerShellGallery and AppVeyor. ☆13 · Oct 7, 2019 · Updated 6 years ago
- Security Advisories ☆11 · Sep 22, 2019 · Updated 6 years ago
- GCNotify is an Outlook addin for quickly forwarding mail as attachment to a pre-defined e-mail address. ☆12 · Jan 17, 2023 · Updated 3 years ago
- Crystal Anti-Exploit Protection 2012 ☆37 · May 31, 2020 · Updated 5 years ago
- Sample use cases of the .NET native code hooking technique ☆218 · Feb 9, 2018 · Updated 8 years ago
- A POC for Windows Extension Host hooking ☆24 · Jul 13, 2019 · Updated 6 years ago
- Event metadata collected across all manifest-based ETW providers on Windows 10 1903 ☆31 · Nov 25, 2019 · Updated 6 years ago
- This module is used to report phishing URLs to their WHOIS/RDAP abuse contact information. ☆42 · Jul 30, 2017 · Updated 8 years ago
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes. ☆48 · Jun 5, 2017 · Updated 8 years ago
- Utility to decompress Linux swsusp hibernation file. ☆28 · Aug 11, 2021 · Updated 4 years ago
- ☆11 · Aug 2, 2017 · Updated 8 years ago
- Work in Progress repo ☆15 · Apr 18, 2019 · Updated 6 years ago
- Attacking and defending web and VPN session hijacking in Pulse Secure Connect ☆14 · Oct 24, 2019 · Updated 6 years ago
- Appendix resources for Intrinsec's "Amélioration des capacités de détection" handbook. ☆13 · Mar 26, 2018 · Updated 7 years ago
- exploit for CVE-2018-4193 ☆69 · Feb 13, 2019 · Updated 7 years ago
- PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk ☆30 · Oct 4, 2016 · Updated 9 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/ ☆31 · Feb 26, 2024 · Updated last year
- An IDA plugin to deal with Event Tracing for Windows (ETW) ☆55 · Jul 8, 2022 · Updated 3 years ago