mandiant / SilkETWLinks
☆793Updated 2 years ago
Alternatives and similar repositories for SilkETW
Users that are interested in SilkETW are comparing it to the libraries listed below
Sorting:
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆827Updated 10 months ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆426Updated 4 years ago
- PowerShell Obfuscation Detection Framework☆745Updated last year
- All sysmon event types and their fields explained☆557Updated 3 years ago
- ☆529Updated 4 months ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆584Updated last year
- Detect and respond to Cobalt Strike beacons using ETW.☆508Updated 3 years ago
- ☆478Updated 2 years ago
- Tool Analysis Result Sheet☆355Updated 7 years ago
- Event Tracing For Windows (ETW) Resources☆404Updated 2 weeks ago
- Utilities for Sysmon☆1,551Updated last month
- Evade sysmon and windows event logging☆625Updated 5 years ago
- View ETW Provider manifest☆537Updated 11 months ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆717Updated 2 years ago
- An Active Defense and EDR software to empower Blue Teams☆1,305Updated 2 years ago
- Executes PowerShell from an unmanaged process☆505Updated 9 years ago
- A wireshark plugin to instrument ETW☆573Updated 3 years ago
- C# based evtx parser with lots of extras☆329Updated last month
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆925Updated last year
- A collection of red team and adversary emulation resources developed and released by MITRE.☆522Updated 4 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆424Updated last year
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆638Updated this week
- TrustedSec Sysinternals Sysmon Community Guide☆1,241Updated 3 months ago
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …☆812Updated last year
- Repository of YARA rules made by Trellix ATR Team☆613Updated 7 months ago
- Live hunting of code injection techniques☆383Updated 6 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆447Updated 2 years ago
- Open Source EDR for Windows☆1,277Updated 2 years ago
- Remote Command Executor: A OSS replacement for PsExec and RunAs - or Telnet without having to install a server. Take your pick :)☆359Updated 7 years ago
- ☆427Updated 2 years ago