mandiant / SilkETWLinks
☆772Updated 2 years ago
Alternatives and similar repositories for SilkETW
Users that are interested in SilkETW are comparing it to the libraries listed below
Sorting:
- PowerShell Obfuscation Detection Framework☆740Updated last year
- ☆473Updated 2 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆424Updated 4 years ago
- Event Tracing For Windows (ETW) Resources☆389Updated 8 months ago
- View ETW Provider manifest☆498Updated 7 months ago
- C# based evtx parser with lots of extras☆313Updated 2 months ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆581Updated last year
- Tool Analysis Result Sheet☆354Updated 7 years ago
- ☆519Updated 2 weeks ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆840Updated 7 years ago
- Executes PowerShell from an unmanaged process☆491Updated 9 years ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆811Updated 6 months ago
- ☆428Updated 2 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆921Updated last year
- Detect and respond to Cobalt Strike beacons using ETW.☆500Updated 2 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆708Updated 2 years ago
- A collection of red team and adversary emulation resources developed and released by MITRE.☆512Updated 4 years ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year
- Utilities for Sysmon☆1,529Updated 3 months ago
- Lnk Explorer Command line edition!!☆310Updated 5 months ago
- Also known by Microsoft as Knifecoat☆1,136Updated 2 years ago
- Evade sysmon and windows event logging☆624Updated 5 years ago
- Enumerate and disable common sources of telemetry used by AV/EDR.☆801Updated 4 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆447Updated 2 years ago
- Expriments☆463Updated 8 months ago
- ☆1,068Updated last year
- A wireshark plugin to instrument ETW☆560Updated 3 years ago
- All sysmon event types and their fields explained☆551Updated 3 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆423Updated last year
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …☆805Updated last year