A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies
☆64Dec 18, 2023Updated 2 years ago
Alternatives and similar repositories for WDACPolicies
Users that are interested in WDACPolicies are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies☆245Mar 2, 2022Updated 4 years ago
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆262Mar 23, 2026Updated last week
- EventList☆377Mar 21, 2021Updated 5 years ago
- Documentation and supporting script sample for Windows Exploit Guard☆169Sep 8, 2025Updated 6 months ago
- ☆18Jul 24, 2019Updated 6 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Nov 15, 2016Updated 9 years ago
- Appendix resources for Intrinsec's "Amélioration des capacités de détection" handbook.☆13Mar 26, 2018Updated 8 years ago
- Repository for my ATT&CK analysis research.☆70May 16, 2019Updated 6 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆32Nov 25, 2019Updated 6 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Nov 10, 2018Updated 7 years ago
- Execute Shellcode And Other Goodies From MMC☆14Jun 17, 2015Updated 10 years ago
- Read Windows message table entries.☆11Feb 5, 2023Updated 3 years ago
- A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses☆115May 27, 2017Updated 8 years ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆332May 2, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- PowerShell script to find 'vulnerable' security-related GPOs that should be hardended☆198Jun 1, 2018Updated 7 years ago
- PoSh BloodHound Dog Whisperer☆192May 23, 2023Updated 2 years ago
- A PowerShell module to assist in parsing and managing catalog files.☆22Jan 12, 2017Updated 9 years ago
- ☆16Jul 21, 2018Updated 7 years ago
- Lists of sources and utilities utilized to hunt, detect and prevent evildoers.☆168Dec 10, 2018Updated 7 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- An Ansible role for installing Cobalt Strike.☆80Mar 13, 2026Updated 2 weeks ago
- A collection of some Powershell scripts and functions for building lab-environments☆19Feb 25, 2023Updated 3 years ago
- ☆20May 30, 2025Updated 10 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Robust and practical application control for Windows☆689Aug 12, 2022Updated 3 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- A wireshark plugin to instrument ETW☆581Jan 28, 2022Updated 4 years ago
- Short Python script for parsing Defender VDM signature files.☆10Sep 22, 2024Updated last year
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Dec 8, 2022Updated 3 years ago
- ☆265Oct 25, 2025Updated 5 months ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Mar 23, 2020Updated 6 years ago
- ☆15Dec 16, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A repository that maps API calls to Sysmon Event ID's.☆121Nov 14, 2022Updated 3 years ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆117Oct 14, 2025Updated 5 months ago
- AppXSVC Service race condition - privilege escalation☆30Jul 30, 2019Updated 6 years ago
- Splunk Boss of the SOC v1 data set.☆113Jun 13, 2018Updated 7 years ago
- Fun GUI for Group3rs output log☆37Aug 14, 2023Updated 2 years ago
- Ps1jacker is a tool for generating COM Hijacking payload.☆60Feb 11, 2025Updated last year
- A modern approach to password rotation for the local administrator account on Windows 10 workstations utilizing Microsoft Endpoint Config…☆10May 5, 2020Updated 5 years ago