Alternatives and similar repositories for cWMI

Users that are interested in cWMI are comparing it to the libraries listed below

• roo7cause / Ps1jacker
  Ps1jacker is a tool for generating COM Hijacking payload.
  ☆60Updated 10 months ago
• FuzzySecurity / BH-Arsenal-2019
  SilkETW & SilkService
  ☆40Updated 6 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆43Updated 7 years ago
• redcanaryco / wwhf
  Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.
  ☆64Updated 6 years ago
• outflanknl / DoH_c2_Trigger
  Code for blogpost: https://outflank.nl/blog/2018/10/25/building-resilient-c2-infrastructues-using-dns-over-https/
  ☆54Updated 7 years ago
• jackson5sec / ShimDB
  Shim database persistence (Fin7 TTP)
  ☆37Updated 5 years ago
• matthewdunwoody / POSHSPY
  POSHSPY backdoor code
  ☆45Updated 8 years ago
• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• GoSecure / DLLPasswordFilterImplant
  DLL Password Filter Implant with Exfiltration Capabilities
  ☆138Updated 5 years ago
• v1ado / HIPS_LIPS
  Community maintained list of most popular HIPS service and process names on a Windows Platform.
  ☆43Updated this week
• antman1p / SharpProcEnum
  .NET tool for enumeration processes and dumping memory.
  ☆57Updated 6 years ago
• WMSR / utils
  ☆11Updated 5 years ago
• rapid7 / rex-powershell
  Rex library for dealing with Powershell Scripts
  ☆54Updated 5 months ago
• 3gstudent / bitsadminexec
  Use bitsadmin to maintain persistence and bypass Autoruns
  ☆66Updated 8 years ago
• homjxi0e / ReaCOM
  ReaCOM has got a lot of tools to use and is related to component object model
  ☆74Updated 5 years ago
• mandiant / rvmi-rekall
  Rekall Forensics and Incident Response Framework with rVMI extensions
  ☆33Updated 4 years ago
• kmkz / Sources
  Random source codes
  ☆26Updated 2 weeks ago
• malcomvetter / DnsCache
  ☆45Updated 7 years ago
• FSecureLABS / SharpGPO-RemoteAccessPolicies
  A C# tool for enumerating remote access policies through group policy.
  ☆73Updated 6 years ago
• mortychannel / lnkexploit
  ☆43Updated 6 years ago
• 0xAnalyst / Sysmon
  Sysmon config for both Windows and Linux Devices. Windows one is a bit dated
  ☆55Updated last year
• vletoux / DetectPasswordViaNTLMInFlow
  Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …
  ☆59Updated 6 years ago
• DissectMalware / MalwareCMDMonitor
  Shows command lines used by latest instances analyzed on Hybrid-Analysis
  ☆43Updated 7 years ago
• seifreed / awesome-sandbox-evasion
  A summary about different projects/presentations/tools to test how to evade malware sandbox systems
  ☆55Updated 7 years ago
• malcomvetter / ChromePasswords
  ☆20Updated 7 years ago
• dmaasland / mcafee-config-decrypt
  ☆60Updated 5 years ago
• ChrisAD / ads-payload
  Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…
  ☆55Updated last year
• Arno0x / TCPRelayInjecter2
  Tool for injecting a "TCP Relay" managed assembly into an unmanaged process
  ☆65Updated 6 years ago
• Big5-sec / SourceFu
  hopefully a source-to-source deobfuscator, aiming at deobfuscating common scripts languages such as Powershell, VBA and Javascript. Curre…
  ☆40Updated 6 years ago