Alternatives and similar repositories for Windows-Event-Forwarder

Users that are interested in Windows-Event-Forwarder are comparing it to the libraries listed below

• nasbench / EVTX-ETW-Resources
  Event Tracing For Windows (ETW) Resources
  ☆393Updated 10 months ago
• zeronetworks / rpcfirewall
  ☆520Updated 2 months ago
• ion-storm / sysmon-edr
  Sysmon EDR POC Build within Powershell to prove ability.
  ☆226Updated 4 years ago
• cyberphor / Soap
  A PowerShell module for incident response and threat hunting.
  ☆34Updated last year
• Neo23x0 / sysmon-config
  Sysmon configuration file template with default high-quality event tracing
  ☆502Updated last week
• EricZimmerman / evtx
  C# based evtx parser with lots of extras
  ☆317Updated last month
• PhrozenIO / PowerRunAsSystem
  PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate …
  ☆265Updated 10 months ago
• atlantsecurity / windows-hardening-scripts
  Windows 10/11 hardening scripts
  ☆256Updated 7 months ago
• airbus-cert / ntTraceControl
  Powershell Event Tracing Toolbox
  ☆76Updated 3 years ago
• THEVER1TAS / sysmon-config
  Sysmon configuration file templates with advanced event tracing and blocking
  ☆41Updated last month
• mattifestation / WDACTools
  A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
  ☆219Updated 3 years ago
• microsoftarchive / New-KrbtgtKeys.ps1
  This script will enable you to reset the krbtgt account password and related keys while minimizing the likelihood of Kerberos authenticat…
  ☆430Updated last year
• ryanries / PassFiltEx
  PassFiltEx. An Active Directory Password Filter.
  ☆287Updated 2 months ago
• AaronMargosis / Aaron-Margosis-SysNocturnals-Tools
  A set of troubleshooting, diagnostic, and information utilities for Windows
  ☆60Updated last month
• canix1 / SDDL-Converter
  Tool to convert SDDL to readable text
  ☆41Updated 7 years ago
• MicrosoftDocs / WDAC-Toolkit
  Documentation and tools to access Windows Defender Application Control (WDAC) technology.
  ☆239Updated 2 months ago
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆155Updated last year
• davidhowell-tx / PS-SentinelOne
  PowerShell module for SentinelOne API
  ☆67Updated 2 years ago
• joeavanzato / Trawler
  PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
  ☆318Updated 3 months ago
• EricZimmerman / PECmd
  Prefetch Explorer Command Line
  ☆261Updated 7 months ago
• mtth-bfft / adeleg
  Active Directory delegation management tool
  ☆317Updated 2 years ago
• PowerShell / GPRegistryPolicyParser
  ☆158Updated last year
• Sleepw4lker / TameMyCerts
  Policy Module for Microsoft Active Directory Certificate Services
  ☆217Updated last week
• przybylskirobert / ADSecurity
  Place where I'm putting all the scripts and config files regarding Active Directory Security.
  ☆100Updated 9 months ago
• zeronetworks / ldapfw
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆170Updated 2 months ago
• airbus-cert / Winshark
  A wireshark plugin to instrument ETW
  ☆564Updated 3 years ago
• zjorz / Public-AD-Scripts
  AD Scripts
  ☆338Updated 5 months ago
• Kili69 / Tier0-User-Management
  Maintain Tier 0 users. This script take care all Tier 0 users are in the correct OU or in the default user container and add the Kerberos…
  ☆64Updated 4 months ago
• ANSSI-FR / DFIR4vSphere
  Powershell module for VMWare vSphere forensics
  ☆153Updated 9 months ago
• ANSSI-FR / ADTimeline
  Timeline of Active Directory changes with replication metadata
  ☆506Updated 4 months ago