mattifestation / TCGLogTools
A set of tools to retrieve and parse TCG measured boot logs. Microsoft refers to these as Windows Boot Configuration Logs (WBCL). In order to retrieve these logs, you must be running at least Windows 8 with the TPM enabled.
☆58 Updated 7 years ago
Alternatives and similar repositories for TCGLogTools
Users that are interested in TCGLogTools are comparing it to the libraries listed below
- Blocks drivers from loading by using a name collision technique. #nsacyber ☆49 Updated 7 years ago
- The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi… ☆145 Updated 3 years ago
- A PowerShell module to assist in parsing and managing catalog files. ☆21 Updated 8 years ago
- Analysis and manipulation of extended attribute ($EA) on NTFS ☆38 Updated 9 years ago
- Named pipe I/O ETW provider for Windows ☆70 Updated 4 years ago
- Parse Microsoft shim databases ☆30 Updated 5 months ago
- PowerShell scripts to check the UEFI KEK, DB and DBX Secure Boot variables. ☆26 Updated last week
- A collection of free miscellaneous Windows tools ☆135 Updated 10 months ago
- BCD is a module to interact with boot configuration data (BCD) either locally or remotely using the ROOT/WMI:Bcd* WMI classes. The functi… ☆61 Updated 4 years ago
- Event metadata collected across all manifest-based ETW providers on Windows 10 1903 ☆31 Updated 5 years ago
- The content of this repository aims to assist efforts on analysing inner working principles, functionalities, and properties of the Micro… ☆151 Updated 5 years ago
- ☆62 Updated last year
- (unofficial) Hyper-V® Development Kit ☆218 Updated last year
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies ☆62 Updated last year
- ☆28 Updated 2 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks ☆65 Updated 3 years ago
- ☆18 Updated 5 months ago
- SentinelOne's KeRnel Exploits Advanced Mitigations ☆54 Updated 6 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files … ☆31 Updated 4 years ago
- All TMF files that I extracted from Microsoft PDBs. ☆12 Updated 5 years ago
- A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses ☆115 Updated 8 years ago
- Information about a signed UEFI Shell that can be used when Secure Boot is enabled. ☆78 Updated 4 years ago
- AppContainer and LPAC (Less Privileged AppContainer) Launcher with Capabilities ☆59 Updated 9 months ago
- BITS Transfers Manager ☆42 Updated last month
- Expand compressed files from WinSxS folder ☆158 Updated this week
- WNF Utilities 4 Newbies (WNFUN) ☆95 Updated 6 years ago
- A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies ☆218 Updated 3 years ago
- ☆17 Updated last year
- Hyper-V Research is trendy now ☆163 Updated 2 weeks ago
- PowerShell Module for the Antimalware Scan Interface (AMSI) ☆25 Updated 8 years ago