mattifestation / WDACToolsLinks
A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
☆227Updated 3 years ago
Alternatives and similar repositories for WDACTools
Users that are interested in WDACTools are comparing it to the libraries listed below
Sorting:
- Tool to convert SDDL to readable text☆40Updated 7 years ago
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆245Updated 3 weeks ago
- A collection of free miscellaneous Windows tools☆137Updated 2 months ago
- Module to provide PowerShell functions that abstract Win32 API functions☆249Updated last year
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆311Updated last year
- Documentation and supporting script sample for Windows Exploit Guard☆159Updated 3 weeks ago
- Sysmon-Like research tool for ETW☆365Updated 2 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Tool to monitor WMI activity on Windows☆291Updated 4 years ago
- RPC Monitor tool based on Event Tracing for Windows☆372Updated last year
- A Powershell module that helps you identify AppLocker weaknesses☆169Updated 5 years ago
- Event Tracing For Windows (ETW) Resources☆402Updated this week
- Powershell Event Tracing Toolbox☆77Updated 3 years ago
- PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate …☆267Updated 11 months ago
- A collection of tools to interact with Microsoft Security Response Center API☆105Updated last year
- AD Live changes viewer☆36Updated 2 years ago
- Windows Detour Hooking in PowerShell☆82Updated last year
- A set of troubleshooting, diagnostic, and information utilities (and useful scripts) for Windows☆67Updated last month
- ☆525Updated 3 months ago
- Run Processes as PPL with ELAM☆171Updated 3 years ago
- ☆260Updated 10 months ago
- ☆68Updated 3 years ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆214Updated 6 years ago
- API Set Viewer☆91Updated 8 months ago
- Execute PowerShell code at the antimalware-light protection level.☆141Updated 2 years ago
- Protect your Domain Controllers by auditing and restricting LDAP requests☆176Updated 4 months ago
- ☆115Updated 6 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider☆190Updated 2 years ago
- Document ETW providers☆251Updated 5 years ago
- A repository that maps API calls to Sysmon Event ID's.☆122Updated 2 years ago