A PowerShell module to facilitate building, configuring, deploying, and auditing Windows Defender Application Control (WDAC) policies
☆246 · Mar 2, 2022 · Updated 4 years ago
Alternatives and similar repositories for WDACTools
Users that are interested in WDACTools are comparing it to the libraries listed below.
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies ☆64 · Dec 18, 2023 · Updated 2 years ago
- Documentation and tools to access Windows Defender Application Control (WDAC) technology. ☆267 · Mar 23, 2026 · Updated last month
- Harden Windows with Windows Defender Application Control (WDAC) ☆48 · Jul 26, 2024 · Updated last year
- Windows RPC: implementing HelloWorld using MIDL+RPC ☆23 · Mar 21, 2018 · Updated 8 years ago
- Sysmon Tools for PowerShell ☆233 · Aug 17, 2018 · Updated 7 years ago
- Robust and practical application control for Windows ☆693 · Aug 12, 2022 · Updated 3 years ago
- Event metadata collected across all manifest-based ETW providers on Windows 10 1903 ☆32 · Nov 25, 2019 · Updated 6 years ago
- A centralized resource for previously documented WDAC bypass techniques ☆619 · Sep 8, 2025 · Updated 7 months ago
- ☆18 · Jul 24, 2019 · Updated 6 years ago
- A C++/Asm template for PIC/EXE/DLL malware ☆24 · Aug 12, 2025 · Updated 8 months ago
- Automate AV evasion by calling AMSI ☆88 · May 31, 2023 · Updated 2 years ago
- ☆124 · May 23, 2020 · Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered. ☆192 · Mar 26, 2020 · Updated 6 years ago
- Documentation and supporting script sample for Windows Exploit Guard ☆168 · Sep 8, 2025 · Updated 7 months ago
- Credential Dumper ☆80 · Feb 19, 2020 · Updated 6 years ago
- BloodHound Data Scanner ☆45 · Jul 7, 2020 · Updated 5 years ago
- Reverse engineered source code of the autochk rootkit ☆212 · Nov 1, 2019 · Updated 6 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/ ☆184 · Nov 30, 2017 · Updated 8 years ago
- A Windows tool that converts LDIF files to BloodHound CE ☆31 · Dec 20, 2025 · Updated 4 months ago
- Extract Windows Defender database from vdm files and unpack it ☆482 · Apr 21, 2026 · Updated last week
- Code Integrity Violation Spotter ☆17 · Jun 11, 2024 · Updated last year
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions ☆333 · May 2, 2024 · Updated 2 years ago
- AppLocker baseline configuration with the AaronLocker module. Used for testing with Windows 10, Intune etc. ☆21 · Nov 21, 2025 · Updated 5 months ago
- Authenticode Hash Calculator for PE32/PE32+ files ☆120 · Apr 5, 2026 · Updated last month
- Command line tool to print mitigation flags for running processes in a memory dump ☆48 · Sep 18, 2020 · Updated 5 years ago
- ☆13 · May 30, 2025 · Updated 11 months ago
- Demonstrate the new FileDispositionInfoEx behavior ☆15 · Nov 6, 2017 · Updated 8 years ago
- Set of tools to analyze Windows sandboxes for exposed attack surface. ☆2,285 · Nov 6, 2025 · Updated 5 months ago
- System Tray Tool for WDAC ☆39 · Mar 28, 2026 · Updated last month
- A reference Device Guard code integrity policy consisting of FilePublisher deny rules for published Device Guard configuration bypasses ☆114 · May 27, 2017 · Updated 8 years ago
- Load self-signed drivers without TestSigning or disable DSE. Transferred from https://github.com/DoubleLabyrinth/Windows10-CustomKernelSi… ☆789 · Jan 22, 2020 · Updated 6 years ago
- Enumerate and disable common sources of telemetry used by AV/EDR. ☆848 · Mar 11, 2021 · Updated 5 years ago
- Validates priv escalation of AD trusts ☆47 · Apr 1, 2025 · Updated last year
- win10 pgContext dynamic dump (btc version) ☆111 · Jan 15, 2020 · Updated 6 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack ☆333 · May 3, 2020 · Updated 6 years ago
- A PowerShell module to assist in parsing and managing catalog files. ☆22 · Jan 12, 2017 · Updated 9 years ago
- A repository of some of my Windows 10 Device Guard Bypasses ☆139 · Aug 3, 2017 · Updated 8 years ago
- Enumerate Windows Defender threat families and dump their names according category ☆95 · Apr 16, 2026 · Updated 2 weeks ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET ☆149 · Feb 15, 2020 · Updated 6 years ago