mattifestation/WDACPolicies external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mattifestation/WDACPolicies

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mattifestation/WDACPolicies)

Close

mattifestation / WDACPoliciesView on GitHubMore

• External links
• Readme badge

A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies

☆64Dec 18, 2023Updated 2 years ago

Alternatives and similar repositories for WDACPolicies

Users that are interested in WDACPolicies are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mattifestation / WDACTools

  View on GitHub
  A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
  ☆256Mar 2, 2022Updated 4 years ago
• MicrosoftDocs / WDAC-Toolkit

  View on GitHub
  Documentation and tools to access Windows Defender Application Control (WDAC) technology.
  ☆273Jun 23, 2026Updated last week
• miriamxyra / EventList

  View on GitHub
  EventList
  ☆380Mar 21, 2021Updated 5 years ago
• palantir / exploitguard

  View on GitHub
  Documentation and supporting script sample for Windows Exploit Guard
  ☆168Sep 8, 2025Updated 9 months ago
• arekfurt / WinAWL

  View on GitHub
  ☆18Jul 24, 2019Updated 6 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• OmerYa / Named-Pipe-Sniffer

  View on GitHub
  Mario & Luigi - Tools for sniffing Windows Named Pipes communication
  ☆129Nov 15, 2016Updated 9 years ago
• Intrinsec / WEF-handbook-appendix

  View on GitHub
  Appendix resources for Intrinsec's "Amélioration des capacités de détection" handbook.
  ☆13Mar 26, 2018Updated 8 years ago
• vysecurity / ATT-CK_Analysis

  View on GitHub
  Repository for my ATT&CK analysis research.
  ☆70May 16, 2019Updated 7 years ago
• mattifestation / WindowsEventLogMetadata

  View on GitHub
  Event metadata collected across all manifest-based ETW providers on Window 10 1903
  ☆32Nov 25, 2019Updated 6 years ago
• OmerYa / Babel-Shellfish

  View on GitHub
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆42Nov 10, 2018Updated 7 years ago
• sinmygit / RogueMMC

  View on GitHub
  Execute Shellcode And Other Goodies From MMC
  ☆13Jun 17, 2015Updated 11 years ago
• wightsci / MessageTableReader

  View on GitHub
  Read Windows message table entries.
  ☆11Feb 5, 2023Updated 3 years ago
• mattifestation / DeviceGuardBypassMitigationRules

  View on GitHub
  A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses
  ☆116May 27, 2017Updated 9 years ago
• jdu2600 / Windows10EtwEvents

  View on GitHub
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆334May 2, 2024Updated 2 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• gpoguy / GetVulnerableGPO

  View on GitHub
  PowerShell script to find 'vulnerable' security-related GPOs that should be hardended
  ☆198Jun 1, 2018Updated 8 years ago
• SadProcessor / CypherDog

  View on GitHub
  PoSh BloodHound Dog Whisperer
  ☆193May 23, 2023Updated 3 years ago
• mattifestation / CatalogTools

  View on GitHub
  A PowerShell module to assist in parsing and managing catalog files.
  ☆22Jan 12, 2017Updated 9 years ago
• WebBreacher / welp

  View on GitHub
  ☆16Jul 21, 2018Updated 7 years ago
• MHaggis / hunt-detect-prevent

  View on GitHub
  Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
  ☆170Dec 10, 2018Updated 7 years ago
• beahunt3r / Windows-Hunting

  View on GitHub
  ☆351Mar 19, 2021Updated 5 years ago
• cisagov / ansible-role-cobalt-strike

  View on GitHub
  An Ansible role for installing Cobalt Strike.
  ☆81Jun 15, 2026Updated 2 weeks ago
• Harvester57 / CodeIntegrity-DriverBlocklist

  View on GitHub
  ☆20May 30, 2025Updated last year
• microsoft / AaronLocker

  View on GitHub
  Robust and practical application control for Windows
  ☆700Aug 12, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• mattifestation / PSSysmonTools

  View on GitHub
  Sysmon Tools for PowerShell
  ☆233Aug 17, 2018Updated 7 years ago
• airbus-cert / Winshark

  View on GitHub
  A wireshark plugin to instrument ETW
  ☆587Jan 28, 2022Updated 4 years ago
• ZPetricusic / defender_signature_parser

  View on GitHub
  Short Python script for parsing Defender VDM signature files.
  ☆10Sep 22, 2024Updated last year
• CompassSecurity / Readinizer

  View on GitHub
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆16Dec 8, 2022Updated 3 years ago
• PSGumshoe / PSGumshoe

  View on GitHub
  ☆267Oct 25, 2025Updated 8 months ago
• secgroundzero / ossem_modular

  View on GitHub
  OSSEM Modular
  ☆27Jun 29, 2020Updated 6 years ago
• agreenjay / sysmon

  View on GitHub
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Mar 23, 2020Updated 6 years ago
• jonny-jhnson / Automated-Detection-Pipeline

  View on GitHub
  ☆16Dec 16, 2020Updated 5 years ago
• jonny-jhnson / Windows-API-To-Sysmon-Events

  View on GitHub
  A repository that maps API calls to Sysmon Event ID's.
  ☆122Nov 14, 2022Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• 0x0v1 / Audix

  View on GitHub
  Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring
  ☆118Oct 14, 2025Updated 8 months ago
• microsoft / DefenderFileScanNotifier

  View on GitHub
  ☆14Nov 14, 2023Updated 2 years ago
• S3cur3Th1sSh1t / SharpByeBear

  View on GitHub
  AppXSVC Service race condition - privilege escalation
  ☆29Jul 30, 2019Updated 6 years ago
• daveherrald / botsv1

  View on GitHub
  Splunk Boss of the SOC v1 data set.
  ☆114Jun 13, 2018Updated 8 years ago
• sap8899 / Group3rExplorer

  View on GitHub
  Fun GUI for Group3rs output log
  ☆36Aug 14, 2023Updated 2 years ago
• roo7cause / Ps1jacker

  View on GitHub
  Ps1jacker is a tool for generating COM Hijacking payload.
  ☆60Feb 11, 2025Updated last year
• Harvester57 / Exploit-Protection-policy

  View on GitHub
  ☆13May 30, 2025Updated last year