mattifestation / WDACToolsLinks
A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
☆218Updated 3 years ago
Alternatives and similar repositories for WDACTools
Users that are interested in WDACTools are comparing it to the libraries listed below
Sorting:
- Documentation and tools to access Windows Defender Application Control (WDAC) technology.☆232Updated 2 weeks ago
- Module to provide PowerShell functions that abstract Win32 API functions☆247Updated last year
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year
- Documentation and supporting script sample for Windows Exploit Guard☆156Updated 3 years ago
- Windows Diagnostics, Data Collection and Analysis tools☆165Updated 4 years ago
- A Powershell module that helps you identify AppLocker weaknesses☆168Updated 5 years ago
- Sysmon-Like research tool for ETW☆354Updated 2 years ago
- A set of troubleshooting, diagnostic, and information utilities for Windows☆59Updated 2 months ago
- Custom ADMX template focused on hardening Windows 10 & Windows 11 systems☆82Updated this week
- Event Tracing For Windows (ETW) Resources☆389Updated 8 months ago
- Tool to convert SDDL to readable text☆40Updated 7 years ago
- PowerShell Module for managing Microsoft Defender Advanced Threat Protection☆71Updated 2 years ago
- ☆258Updated 6 months ago
- ☆49Updated 11 months ago
- A collection of free miscellaneous Windows tools☆135Updated 10 months ago
- Public content repo for ATA documentation in OPS☆74Updated 4 months ago
- Powershell Event Tracing Toolbox☆75Updated 3 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆93Updated 3 years ago
- ☆115Updated 5 years ago
- ☆519Updated 2 weeks ago
- Sysmon Tools for PowerShell☆229Updated 6 years ago
- PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate …☆261Updated 8 months ago
- ☆250Updated last year
- PowerShell module for Mimikatz☆212Updated 5 years ago
- PowerShell module to interact with Active Directory using ADSI and the System.DirectoryServices namespace (.NET Framework)☆202Updated 4 years ago
- ☆68Updated 3 years ago
- Expriments☆463Updated 8 months ago
- SysmonX - An Augmented Drop-In Replacement of Sysmon☆215Updated 5 years ago
- ☆157Updated last year