mattifestation / WDACToolsLinks
A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
☆215Updated 3 years ago
Alternatives and similar repositories for WDACTools
Users that are interested in WDACTools are comparing it to the libraries listed below
Sorting:
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆230Updated 2 weeks ago
- Module to provide PowerShell functions that abstract Win32 API functions☆247Updated 11 months ago
- Documentation and supporting script sample for Windows Exploit Guard☆156Updated 3 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year
- A collection of free miscellaneous Windows tools☆135Updated 9 months ago
- Sysmon-Like research tool for ETW☆353Updated 2 years ago
- ☆258Updated 6 months ago
- Event Tracing For Windows (ETW) Resources☆387Updated 8 months ago
- A Powershell module that helps you identify AppLocker weaknesses☆168Updated 5 years ago
- ☆517Updated 5 months ago
- Sysmon Tools for PowerShell☆229Updated 6 years ago
- A set of troubleshooting, diagnostic, and information utilities for Windows☆58Updated 2 months ago
- Windows Diagnostics, Data Collection and Analysis tools☆165Updated 4 years ago
- ☆48Updated 10 months ago
- RPC Monitor tool based on Event Tracing for Windows☆356Updated 9 months ago
- Powershell Event Tracing Toolbox☆75Updated 3 years ago
- PowerShell Module for managing Microsoft Defender Advanced Threat Protection☆71Updated 2 years ago
- ☆60Updated last year
- PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate …☆261Updated 7 months ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆215Updated 5 years ago
- ☆247Updated last year
- Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)☆189Updated 2 years ago
- ☆216Updated 2 years ago
- Public content repo for ATA documentation in OPS☆74Updated 3 months ago
- MDE relies on some of the Audit settings to be enabled☆98Updated 2 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Updated 7 years ago
- ☆68Updated 3 years ago
- Tool to convert SDDL to readable text☆40Updated 7 years ago
- ☆114Updated 5 years ago