mandiant / SilkETWLinks
☆788Updated 2 years ago
Alternatives and similar repositories for SilkETW
Users that are interested in SilkETW are comparing it to the libraries listed below
Sorting:
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…☆827Updated 9 months ago
- PowerShell Obfuscation Detection Framework☆746Updated last year
- PowerShell script for deobfuscating encoded PowerShell scripts☆426Updated 4 years ago
- ☆525Updated 3 months ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆583Updated last year
- View ETW Provider manifest☆530Updated 11 months ago
- ☆479Updated 2 years ago
- Detect and respond to Cobalt Strike beacons using ETW.☆508Updated 3 years ago
- Event Tracing For Windows (ETW) Resources☆402Updated this week
- A collection of red team and adversary emulation resources developed and released by MITRE.☆519Updated 4 years ago
- All sysmon event types and their fields explained☆557Updated 3 years ago
- Tool Analysis Result Sheet☆356Updated 7 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆714Updated 2 years ago
- Live hunting of code injection techniques☆383Updated 6 years ago
- Utilities for Sysmon☆1,550Updated 2 weeks ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆448Updated 2 years ago
- Evade sysmon and windows event logging☆625Updated 5 years ago
- ☆427Updated 2 years ago
- A wireshark plugin to instrument ETW☆569Updated 3 years ago
- An Active Defense and EDR software to empower Blue Teams☆1,303Updated 2 years ago
- Executes PowerShell from an unmanaged process☆504Updated 9 years ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆634Updated last week
- C# based evtx parser with lots of extras☆325Updated last month
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆311Updated last year
- Open Source EDR for Windows☆1,275Updated 2 years ago
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …☆811Updated last year
- Encyclopedia for Executables☆455Updated 3 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆928Updated last year
- Misc Threat Hunting Resources☆374Updated 2 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆422Updated last year