libyal / libfwevtLinks
Library for Windows XML Event Log (EVTX) data types
☆18Updated 8 months ago
Alternatives and similar repositories for libfwevt
Users that are interested in libfwevt are comparing it to the libraries listed below
Sorting:
- ☆16Updated 7 years ago
- Shellcode injection using debugging APIs☆19Updated 11 years ago
- Common Malware Techniques☆13Updated 2 years ago
- Simple tool to use LsaManageSidNameMapping get LSA to add or remove SID to name mappings.☆23Updated 4 years ago
- D00☆6Updated 3 years ago
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- Post-explotation Hacks☆14Updated 6 years ago
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals☆14Updated 5 years ago
- Hyper-V virtual switch packet capturing extension with libpcap / Wireshark format☆12Updated 10 years ago
- Windows x64 Process Scanner to detect application compatability shims☆37Updated 6 years ago
- Code Injector Using Code Caves☆14Updated 9 years ago
- Self-Loading Registration Free COM Functions☆11Updated 5 years ago
- 🐧 A simple kernel-level rootkit☆20Updated 9 years ago
- C++ WinSock2 PCAP with RDI☆13Updated 8 years ago
- ☆10Updated 10 years ago
- An opensource API hooking framework☆22Updated 5 years ago
- Enumerate all processes and get specified file's handle,then close it.☆11Updated 6 years ago
- Run Managed Assemblies with RunDll☆17Updated 6 years ago
- Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation☆25Updated 7 years ago
- EventList - the Baseline Event Analyzer☆11Updated 5 years ago
- ☆24Updated 5 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆31Updated 7 years ago
- RunPE dump - I wrote this to have better control over the analysis of malwares. I can stop and analysis malware when it uses some of the …☆10Updated 9 years ago
- ☆10Updated 7 years ago
- it's a simple LKM rootkit.☆12Updated 8 years ago
- A wrapper for capstone for bearparser☆14Updated 2 years ago
- just a basic rootkit for learning how to playing sys_call_table☆14Updated 8 years ago
- ☆13Updated 7 years ago
- Experimental Windows .text section Patch Detector☆21Updated 10 years ago