This is a repository that is meant to hold detections for various process injection techniques.
☆34 · Mar 3, 2020 · Updated 6 years ago
Alternatives and similar repositories for Detecting-Process-Injection-Techniques
Users that are interested in Detecting-Process-Injection-Techniques are comparing it to the libraries listed below.
- ☆16 · Dec 16, 2020 · Updated 5 years ago
- A repository that maps API calls to Sysmon Event IDs. ☆122 · Nov 14, 2022 · Updated 3 years ago
- ☆13 · Feb 25, 2021 · Updated 5 years ago
- Sentinel Guard - Use to build up Honeypot and Honeynet with ZERO cost easily and simply. ☆18 · Jul 25, 2021 · Updated 4 years ago
- ☆48 · Mar 19, 2020 · Updated 6 years ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis. ☆15 · Feb 29, 2024 · Updated 2 years ago
- Read Windows message table entries. ☆11 · Feb 5, 2023 · Updated 3 years ago
- OSSEM Common Data Model ☆56 · Sep 20, 2022 · Updated 3 years ago
- Crystal Anti-Exploit Protection 2012 ☆37 · May 31, 2020 · Updated 5 years ago
- Script for parsing Symantec Endpoint Protection logs, VBNs, and ccSubSDK database. ☆65 · Dec 21, 2022 · Updated 3 years ago
- A PowerShell script to prevent Sysmon from writing its events ☆17 · Apr 23, 2020 · Updated 6 years ago
- Links to malware-related YARA rules ☆15 · Sep 29, 2022 · Updated 3 years ago
- API Hammering with C++20 ☆52 · Jul 21, 2022 · Updated 3 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll ☆46 · Jul 16, 2023 · Updated 2 years ago
- Automatic detection engineering technical state compliance ☆55 · Jul 7, 2024 · Updated last year
- An example code of CiGetCertPublisherName ☆16 · Mar 24, 2022 · Updated 4 years ago
- Proof of Concept of TrustZone exploit ☆16 · Aug 10, 2025 · Updated 9 months ago
- Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization. ☆19 · Mar 13, 2022 · Updated 4 years ago
- ☆14 · Jun 21, 2020 · Updated 5 years ago
- ☆53 · Oct 27, 2018 · Updated 7 years ago
- Vectored Exception Handling Squared ☆30 · Dec 27, 2025 · Updated 4 months ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC ☆13 · Mar 17, 2022 · Updated 4 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data ☆39 · Mar 23, 2020 · Updated 6 years ago
- Released presentations of my talks + code that was used during these talks ☆15 · Sep 5, 2024 · Updated last year
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API ☆98 · Aug 27, 2023 · Updated 2 years ago
- PowerShell / C#-based cross-platform forensic framework for live incident response ☆23 · Jul 5, 2020 · Updated 5 years ago
- ☆24 · Mar 19, 2020 · Updated 6 years ago
- ☆18 · Mar 28, 2023 · Updated 3 years ago
- ☆24 · Apr 22, 2025 · Updated last year
- Repository for my ATT&CK analysis research. ☆70 · May 16, 2019 · Updated 7 years ago
- ☆43 · Jul 6, 2022 · Updated 3 years ago
- Documentation and supporting script sample for Windows Exploit Guard ☆168 · Sep 8, 2025 · Updated 8 months ago
- Small tool to play with IOCs caused by Imageload events ☆44 · May 14, 2023 · Updated 3 years ago
- Dump of organized knowledge on DFIR ☆137 · Oct 4, 2021 · Updated 4 years ago
- ☆39 · Jun 28, 2019 · Updated 6 years ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon ☆220 · Sep 17, 2019 · Updated 6 years ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. ☆85 · May 18, 2026 · Updated last week
- Generic and transparent TLS inspection for local programs ☆26 · Oct 24, 2024 · Updated last year
- Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool ☆21 · Oct 2, 2020 · Updated 5 years ago