mattifestation / WindowsEventLogMetadataLinks
Event metadata collected across all manifest-based ETW providers on Window 10 1903
☆31Updated 5 years ago
Alternatives and similar repositories for WindowsEventLogMetadata
Users that are interested in WindowsEventLogMetadata are comparing it to the libraries listed below
Sorting:
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆53Updated last year
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆38Updated 7 years ago
- Set of ultra technical notes about AD☆18Updated 7 years ago
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…☆10Updated 7 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Updated 4 years ago
- ☆52Updated 6 years ago
- AD Live changes viewer☆36Updated 2 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Looks up permissions within Active Directory on a target (OU or Computer) to determine access to LAPS attributes (ms-Mcs-AdmPwdExpiration…☆15Updated 2 years ago
- Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs☆42Updated 6 years ago
- Simple Windows Event Log Forwarder (SWELF). Its easy to use/simply works Log Forwarder and EVTX Parser. Almost in full release here at ht…☆24Updated 2 years ago
- RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShel…☆19Updated 5 years ago
- All TMF files that I extracted from Microsoft PDBs.☆13Updated 6 years ago
- windows-operating-system-archaeology @Enigma0x3 @subTee☆46Updated 8 years ago
- BloodHound Data Scanner☆45Updated 5 years ago
- Microsoft Flow Attack Framework☆23Updated 5 years ago
- Accompanying PowerShell Modules for DevSec Defense Presentation☆29Updated 7 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- Threat Mitigation Strategies☆25Updated 2 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- Loads the AutoIt DLL and PowerShell assemblies into memory and executes the specified keystrokes☆61Updated 8 years ago
- ☆18Updated 5 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later�☆20Updated 9 years ago
- OSSEM Modular☆27Updated 5 years ago
- A PowerShell module to assist in parsing and managing catalog files.☆22Updated 8 years ago
- Generate YARA rules for OOXML documents.☆38Updated 2 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 9 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Updated 6 years ago