endgameinc/ClrGuard external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

endgameinc/ClrGuard

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/endgameinc/ClrGuard)

Close

endgameinc / ClrGuardView on GitHubMore

• External links
• Readme badge

☆221Apr 2, 2018Updated 8 years ago

Alternatives and similar repositories for ClrGuard

Users that are interested in ClrGuard are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• tyranid / DotNetInteropDemos

  View on GitHub
  A set of demos and a PowerShell module to interact with DotNetInterop.
  ☆69Apr 7, 2018Updated 8 years ago
• matthastings / PSalander

  View on GitHub
  ☆52Sep 17, 2018Updated 7 years ago
• mandiant / SilkETW

  View on GitHub
  ☆830Jun 1, 2023Updated 2 years ago
• TheWover / ModuleMonitor

  View on GitHub
  Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…
  ☆42May 9, 2019Updated 6 years ago
• zacbrown / PowerKrabsEtw

  View on GitHub
  PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
  ☆103Nov 17, 2020Updated 5 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• tyranid / DotNetToJScript

  View on GitHub
  A tool to create a JScript file which loads a .NET v2 assembly from memory.
  ☆1,320Jan 18, 2021Updated 5 years ago
• outflanknl / TamperETW

  View on GitHub
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆192Mar 26, 2020Updated 6 years ago
• JLospinoso / gargoyle

  View on GitHub
  A memory scanning evasion technique
  ☆899May 24, 2017Updated 8 years ago
• Cyb3rWard0g / Invoke-ATTACKAPI

  View on GitHub
  A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
  ☆370Feb 7, 2019Updated 7 years ago
• pathtofile / SealighterTI

  View on GitHub
  Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
  ☆198Dec 6, 2022Updated 3 years ago
• am0nsec / SharpHellsGate

  View on GitHub
  C# Implementation of the Hell's Gate VX Technique
  ☆217Jun 30, 2020Updated 5 years ago
• veramine / Detections

  View on GitHub
  ☆108Mar 21, 2017Updated 9 years ago
• tyranid / windows-logical-eop-workshop

  View on GitHub
  ☆234Sep 10, 2017Updated 8 years ago
• zodiacon / EtwExplorer

  View on GitHub
  View ETW Provider manifest
  ☆583Nov 1, 2024Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• fireeye / pywintrace

  View on GitHub
  ETW Python Library
  ☆296Aug 11, 2023Updated 2 years ago
• gabriellandau / CISpotter

  View on GitHub
  Code Integrity Violation Spotter
  ☆17Jun 11, 2024Updated last year
• mattifestation / PoCSubjectInterfacePackage

  View on GitHub
  A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.
  ☆101Jan 7, 2018Updated 8 years ago
• Invoke-IR / ACE

  View on GitHub
  Automated, Collection, and Enrichment Platform
  ☆326Nov 14, 2019Updated 6 years ago
• ShellcodeSmuggler / IAT_POC

  View on GitHub
  POC for IAT Parsing Payloads
  ☆48Jan 1, 2017Updated 9 years ago
• monoxgas / sRDI

  View on GitHub
  Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
  ☆2,513Nov 15, 2023Updated 2 years ago
• FuzzySecurity / PSKernel-Primitives

  View on GitHub
  Exploit primitives for PowerShell
  ☆436Mar 25, 2018Updated 8 years ago
• xorrior / RemoteRecon

  View on GitHub
  Remote Recon and Collection
  ☆459Nov 23, 2017Updated 8 years ago
• danielbohannon / Invoke-CradleCrafter

  View on GitHub
  PowerShell Remote Download Cradle Generator & Obfuscator
  ☆851Mar 23, 2018Updated 8 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• RedSiege / WMImplant

  View on GitHub
  This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …
  ☆845Jun 25, 2024Updated last year
• Cn33liz / CScriptShell

  View on GitHub
  CScriptShell, a Powershell Host running within cscript.exe
  ☆163Apr 11, 2017Updated 9 years ago
• hotnops / COM_Mapper

  View on GitHub
  A tool to create COM class/interface relationships in neo4j
  ☆50Oct 12, 2022Updated 3 years ago
• FuzzySecurity / BlueHatIL-2020

  View on GitHub
  BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET
  ☆149Feb 15, 2020Updated 6 years ago
• jackullrich / ShellcodeStdio

  View on GitHub
  An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
  ☆533Jul 2, 2025Updated 9 months ago
• tyranid / DeviceGuardBypasses

  View on GitHub
  A repository of some of my Windows 10 Device Guard Bypasses
  ☆139Aug 3, 2017Updated 8 years ago
• passthehashbrowns / hook-integrity-checks

  View on GitHub
  ☆23May 28, 2021Updated 4 years ago
• paranoidninja / Process-Instrumentation-Syscall-Hook

  View on GitHub
  A simple program to hook the current process to identify the manual syscall executions on windows
  ☆267Nov 18, 2022Updated 3 years ago
• api0cradle / LOLBAS

  View on GitHub
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆1,617Dec 10, 2018Updated 7 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• rad9800 / VehApiResolve

  View on GitHub
  ☆119Aug 7, 2022Updated 3 years ago
• 0xcpu / winsmsd

  View on GitHub
  Windows (ShadowMove) Socket Duplication
  ☆88Apr 19, 2020Updated 5 years ago
• 0xbadjuju / WheresMyImplant

  View on GitHub
  A Bring Your Own Land Toolkit that Doubles as a WMI Provider
  ☆289Oct 31, 2018Updated 7 years ago
• CyberPoint / Ruxcon2016ETW

  View on GitHub
  Ruxcon2016 POC Code
  ☆141Nov 21, 2016Updated 9 years ago
• Genetic-Malware / Ebowla

  View on GitHub
  Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
  ☆762Jan 28, 2019Updated 7 years ago
• hatRiot / token-priv

  View on GitHub
  Token Privilege Research
  ☆877Sep 1, 2017Updated 8 years ago
• zacbrown / PowerShellMethodAuditor

  View on GitHub
  PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
  ☆37Sep 19, 2017Updated 8 years ago