luctalpe / WMIMonLinks
Tool to monitor WMI activity on Windows
☆290Updated 4 years ago
Alternatives and similar repositories for WMIMon
Users that are interested in WMIMon are comparing it to the libraries listed below
Sorting:
- A collection of free miscellaneous Windows tools☆139Updated 2 months ago
- A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies☆227Updated 3 years ago
- Windows Registry Knowledge Base☆186Updated 11 months ago
- Microsoft Message Analyzer EOL Archive☆168Updated 5 years ago
- Expand compressed files from WinSxS folder☆163Updated 2 months ago
- Module to provide PowerShell functions that abstract Win32 API functions☆249Updated last year
- Windows registry file format specification☆345Updated 6 years ago
- Lnk file parser☆87Updated 3 months ago
- ☆23Updated 8 months ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆308Updated last year
- AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10☆123Updated 8 months ago
- Commandline low level file extractor for NTFS☆299Updated 6 years ago
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆245Updated 2 weeks ago
- A PowerShell module to assist in parsing and managing catalog files.☆22Updated 8 years ago
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆193Updated 2 years ago
- Windows Prefetch parser. Supports all known versions from Windows XP to Windows 10.☆115Updated 8 months ago
- Parser for $UsnJrnl on NTFS☆115Updated 2 years ago
- A wireshark plugin to instrument ETW☆569Updated 3 years ago
- View ETW Provider manifest☆530Updated 10 months ago
- Analysis and manipulation of extended attribute ($EA) on NTFS☆38Updated 10 years ago
- Sysmon Tools for PowerShell☆232Updated 7 years ago
- Tool to convert SDDL to readable text☆41Updated 7 years ago
- A set of tools to retrieve and parse TCG measured boot logs. Microsoft refers to these as Windows Boot Confirguration Logs (WBCL). In ord…☆63Updated 7 years ago
- Full featured, offline Registry parser in C#☆234Updated 2 weeks ago
- 🚀AutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitima…☆280Updated 8 months ago
- Win 10/11 related research☆194Updated last year
- Configure Windows Defender ExploitGuard, Reset all ProcessMitigation, Import clean recommended Baseline Configuration☆41Updated 4 years ago
- Library and tools to access the Windows NT Registry File (REGF) format☆126Updated last year
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Library and tools to access the Windows Prefetch File (SCCA) format.☆79Updated last week