mattifestation / WDACToolsLinks
A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
☆227Updated 3 years ago
Alternatives and similar repositories for WDACTools
Users that are interested in WDACTools are comparing it to the libraries listed below
Sorting:
- Tool to convert SDDL to readable text☆40Updated 7 years ago
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆243Updated last month
- Module to provide PowerShell functions that abstract Win32 API functions☆249Updated last year
- A collection of free miscellaneous Windows tools☆139Updated 3 months ago
- Documentation and supporting script sample for Windows Exploit Guard☆158Updated last month
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Sysmon-Like research tool for ETW☆368Updated 2 years ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆311Updated last year
- RPC Monitor tool based on Event Tracing for Windows☆371Updated last year
- AD Live changes viewer☆36Updated 2 years ago
- A Powershell module that helps you identify AppLocker weaknesses☆168Updated 5 years ago
- Event Tracing For Windows (ETW) Resources☆404Updated 2 weeks ago
- Powershell Event Tracing Toolbox☆78Updated 3 years ago
- Windows Detour Hooking in PowerShell☆81Updated last year
- PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate …☆267Updated last year
- ☆261Updated 10 months ago
- ☆529Updated 4 months ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆214Updated 6 years ago
- Tool to monitor WMI activity on Windows☆294Updated 5 years ago
- Windows Registry Knowledge Base☆186Updated last week
- A collection of tools to interact with Microsoft Security Response Center API☆107Updated last year
- AppCompatCache (shimcache) parser. Supports Windows 7 (x86 and x64), Windows 8.x, and Windows 10☆124Updated 9 months ago
- ☆150Updated last year
- A repository that maps API calls to Sysmon Event ID's.☆122Updated 2 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆31Updated 5 years ago
- Sysmon Tools for PowerShell☆231Updated 7 years ago
- This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …☆31Updated 4 years ago
- ☆115Updated 6 years ago
- Run Processes as PPL with ELAM☆173Updated 3 years ago
- API Set Viewer☆90Updated 9 months ago