A set of tools to retrieve and parse TCG measured boot logs. Microsoft refers to these as Windows Boot Configuration Logs (WBCL). In order to retrieve these logs, you must be running at least Windows 8 with the TPM enabled.
☆69Jun 17, 2018Updated 7 years ago
Alternatives and similar repositories for TCGLogTools
Users that are interested in TCGLogTools are comparing it to the libraries listed below
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆101Jan 7, 2018Updated 8 years ago
- Fix acquired .evt - Windows Event Log files (Forensics)☆18Mar 29, 2016Updated 9 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- Containerized IDA Pro (Windows/Wine), DEPRECATED, please use https://github.com/NyaMisty/docker-wine-ida☆26Nov 23, 2017Updated 8 years ago
- Defender for Endpoint☆28Jul 12, 2024Updated last year
- Telegram-based PowerShell Runspace Host☆11Dec 8, 2022Updated 3 years ago
- Windows SSPI wrapper in pure Python☆15Nov 29, 2023Updated 2 years ago
- A python API for the VMware Fusion CLI tools.☆11Aug 2, 2021Updated 4 years ago
- A library for fast parsing and import of the Windows Master File Table ($MFT) into Elasticsearch.☆12Jun 23, 2025Updated 8 months ago
- A JXA script for enumerating running processes, printed out as a JSON parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Invoke CyberArk PARClient.exe Utility with PowerShell☆12Feb 12, 2020Updated 6 years ago
- A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses☆115May 27, 2017Updated 8 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆18Oct 7, 2016Updated 9 years ago
- Just Another broken Registry Parser (JARP)☆16May 23, 2024Updated last year
- Repository with selected IOCs and YARA rules for threat hunting.☆35May 21, 2025Updated 9 months ago
- Autotuner for Windows 10 performance, privacy and security settings.☆12Dec 4, 2018Updated 7 years ago
- A library implementing a generic SQL-like query language.☆21Sep 15, 2025Updated 5 months ago
- Materials from my Circle City Con talk: Fantastic OSINT (and where to find it)☆23Jul 1, 2016Updated 9 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42May 9, 2019Updated 6 years ago
- Using Undocumented NTDLL Functions to Read/Write/Delete File☆18Jan 25, 2021Updated 5 years ago
- A Dockerized Ghidra Server☆15Jan 9, 2021Updated 5 years ago
- Splunk app for Threat hunting☆15Nov 15, 2018Updated 7 years ago
- Python bindings for https://github.com/omerbenamram/mft☆23Dec 23, 2025Updated 2 months ago
- Google Filestream Forensic Tool☆22Mar 10, 2022Updated 3 years ago
- MSIX App Attach repo☆24Sep 16, 2025Updated 5 months ago
- A PowerShell binding for the Unicorn Engine☆17Dec 27, 2015Updated 10 years ago
- iknowthis Linux SystemCall Fuzzer☆20Apr 18, 2019Updated 6 years ago
- ShellSweeping the evil.☆53Jun 18, 2024Updated last year
- Placeholder for my detection repo and misc detection engineering content☆42Oct 20, 2023Updated 2 years ago
- Various tools and scripts☆43Nov 30, 2022Updated 3 years ago
- Documentation site for Velociraptor☆68Feb 27, 2026Updated last week
- A collection of Terraform and Ansible scripts that automatically (and quickly) deploys a small Velociraptor R&D lab.☆22Apr 16, 2021Updated 4 years ago
- PowerShell Tools for CyberArk☆19Dec 13, 2019Updated 6 years ago
- A PowerShell function that scans for the existence of a Sticky Keys backdoor.☆24Aug 10, 2017Updated 8 years ago
- All materials from our Black Hat 2018 "Subverting Sysmon" talk☆135Aug 10, 2018Updated 7 years ago
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).☆52Aug 22, 2022Updated 3 years ago
- Incident response teams usually work on offline data: collecting the evidence, then analyzing it.☆46Jan 2, 2022Updated 4 years ago