Alternatives and similar repositories for cWMI

Users that are interested in cWMI are comparing it to the libraries listed below

• roo7cause / Ps1jacker
  Ps1jacker is a tool for generating COM Hijacking payload.
  ☆60Updated 10 months ago
• FuzzySecurity / BH-Arsenal-2019
  SilkETW & SilkService
  ☆40Updated 6 years ago
• ChrisAD / ads-payload
  Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…
  ☆53Updated last year
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆43Updated 7 years ago
• dmaasland / mcafee-config-decrypt
  ☆60Updated 5 years ago
• redcanaryco / wwhf
  Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.
  ☆64Updated 6 years ago
• DimopoulosElias / SimpleMimikatzObfuscator
  A set of commands to bypass Defender (and some other AVs)
  ☆20Updated 6 years ago
• outflanknl / DoH_c2_Trigger
  Code for blogpost: https://outflank.nl/blog/2018/10/25/building-resilient-c2-infrastructues-using-dns-over-https/
  ☆53Updated 7 years ago
• daddycocoaman / IronPentest
  Collection of IronPython scripts and executables for penetration testing
  ☆57Updated 6 years ago
• jeperez / windows-operating-system-archaeology
  windows-operating-system-archaeology @Enigma0x3 @subTee
  ☆47Updated 8 years ago
• jackson5sec / ShimDB
  Shim database persistence (Fin7 TTP)
  ☆37Updated 5 years ago
• vletoux / DetectPasswordViaNTLMInFlow
  Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …
  ☆59Updated 6 years ago
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• mortychannel / lnkexploit
  ☆43Updated 6 years ago
• darkquasar / WMI_Persistence
  A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
  ☆88Updated 8 years ago
• antman1p / SharpProcEnum
  .NET tool for enumeration processes and dumping memory.
  ☆57Updated 6 years ago
• rapid7 / rex-powershell
  Rex library for dealing with Powershell Scripts
  ☆53Updated 4 months ago
• v1ado / HIPS_LIPS
  Community maintained list of most popular HIPS service and process names on a Windows Platform.
  ☆43Updated 3 years ago
• eset / volatility-browserhooks
  Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
  ☆40Updated 6 years ago
• vysecurity / Invoke-ProcessScan
  Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.
  ☆48Updated 8 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆33Updated 3 years ago
• davehardy20 / PoSHBypass
  ☆25Updated 7 years ago
• curtbraz / Invoke-NeutralizeAV
  Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting
  ☆41Updated 6 years ago
• Arno0x / TCPRelayInjecter2
  Tool for injecting a "TCP Relay" managed assembly into an unmanaged process
  ☆65Updated 6 years ago
• enigma0x3 / windows-operating-system-archaeology
  windows-operating-system-archaeology @Enigma0x3 @subTee
  ☆23Updated 8 years ago
• mandiant / rvmi-rekall
  Rekall Forensics and Incident Response Framework with rVMI extensions
  ☆32Updated 4 years ago
• kmkz / Sources
  Random source codes
  ☆26Updated 2 months ago
• BorjaMerino / reflectPatcher
  Python script to patch the reflective stub in a DLL
  ☆24Updated 8 years ago
• malcomvetter / ChromePasswords
  ☆20Updated 7 years ago
• seifreed / awesome-sandbox-evasion
  A summary about different projects/presentations/tools to test how to evade malware sandbox systems
  ☆55Updated 7 years ago