mandiant / SilkETWLinks
☆768Updated 2 years ago
Alternatives and similar repositories for SilkETW
Users that are interested in SilkETW are comparing it to the libraries listed below
Sorting:
- PowerShell Obfuscation Detection Framework☆735Updated last year
- C# based evtx parser with lots of extras☆308Updated last month
- ☆428Updated 2 years ago
- Tool Analysis Result Sheet☆353Updated 7 years ago
- View ETW Provider manifest☆489Updated 7 months ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆807Updated 5 months ago
- ☆472Updated 2 years ago
- Executes PowerShell from an unmanaged process☆489Updated 9 years ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year
- PowerShell script for deobfuscating encoded PowerShell scripts☆424Updated 4 years ago
- Event Tracing For Windows (ETW) Resources☆386Updated 8 months ago
- Evade sysmon and windows event logging☆623Updated 5 years ago
- ☆517Updated 5 months ago
- Enumerate and disable common sources of telemetry used by AV/EDR.☆797Updated 4 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆579Updated last year
- Live hunting of code injection techniques☆382Updated 5 years ago
- Utilities for Sysmon☆1,527Updated 3 months ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆837Updated 7 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆224Updated 4 years ago
- SharpWMI is a C# implementation of various WMI functionality.☆758Updated 4 years ago
- All sysmon event types and their fields explained☆551Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆917Updated last year
- Token Privilege Research☆826Updated 7 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆422Updated last year
- Expriments☆458Updated 8 months ago
- Also known by Microsoft as Knifecoat☆1,136Updated 2 years ago
- Misc Threat Hunting Resources☆373Updated 2 years ago
- Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the in…☆1,140Updated last year
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆707Updated 2 years ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆512Updated 4 years ago