Alternatives and similar repositories for finding_windows_privileges

Users that are interested in finding_windows_privileges are comparing it to the libraries listed below

• secgroundzero / ossem_modular
  OSSEM Modular
  ☆27Updated 5 years ago
• darkoperator / vscode-sysmon
  Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
  ☆53Updated 2 years ago
• vletoux / ADSecrets
  Set of ultra technical notes about AD
  ☆18Updated 7 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆111Updated 6 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• matthastings / PSalander
  ☆52Updated 7 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆45Updated 5 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆43Updated 6 years ago
• mvelazc0 / PurpleSpray
  PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…
  ☆51Updated 6 years ago
• zacbrown / PowerShellMethodAuditor
  PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
  ☆38Updated 8 years ago
• matthewdunwoody / PS_logging_reg
  A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed
  ☆16Updated 9 years ago
• michdu / WhatAmIMissing
  Get all AD objects which are hidden from you
  ☆18Updated 8 years ago
• itsreallynick / office-crackros
  Crack your macros like the math pros.
  ☆33Updated 8 years ago
• brokensound77 / toruk
  Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data
  ☆13Updated 6 years ago
• zacbrown / PowerKrabsEtw
  PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
  ☆103Updated 4 years ago
• OneLogicalMyth / Invoke-GPPCSE
  Obtains a list of GPOs based on known Client Side Extensions (CSE) that normally contain passwords
  ☆33Updated 6 years ago
• tvfischer / ps-srum-hunting
  PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting
  ☆23Updated 5 years ago
• chaoticmachinery / mass_triage_tools
  Mass Triage Tools
  ☆20Updated 7 months ago
• jakob-source / falcon-crowdstrike
  A collection of searches, interesting events and tables on Crowdstrike Splunk.
  ☆29Updated 4 years ago
• jimtin / IRCoreForensicFramework
  Powershell / C# based cross platform forensic framework based for live incident response
  ☆23Updated 5 years ago
• outflanknl / Invoke-Templator
  A PowerShell script to parse the docx/docm file format and update the template location.
  ☆17Updated 5 years ago
• darkoperator / Presentations
  Presentation Slides
  ☆26Updated 6 years ago
• tedhardyMSFT / EventLogUtilities
  Set of utilities for getting information about Windows Events
  ☆15Updated 7 years ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 6 years ago
• arekfurt / WinAWL
  ☆18Updated 6 years ago
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last month
• zshehri / MITRE_EDR_Eval
  Parsing MITRE EDR Evaluation results
  ☆12Updated 6 years ago
• aurel26 / gpocheck
  gpocheck
  ☆30Updated last year
• cbcommunity / cbapi-examples
  Repository for all cbapi example scripts
  ☆16Updated 7 years ago
• limbenjamin / TCPHound
  Win32 utility for auditing TCP connections
  ☆56Updated 5 years ago