Alternatives and similar repositories for WindowsEventLogMetadata:

Users that are interested in WindowsEventLogMetadata are comparing it to the libraries listed below

• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• matthastings / PSalander
  ☆52Updated 6 years ago
• zacbrown / PowerKrabsEtw
  PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
  ☆103Updated 4 years ago
• zacbrown / PowerShellMethodAuditor
  PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
  ☆38Updated 7 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆43Updated 6 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆45Updated 4 years ago
• vletoux / ADSecrets
  Set of ultra technical notes about AD
  ☆18Updated 6 years ago
• lordsaibat / finding_windows_privileges
  Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…
  ☆10Updated 7 years ago
• secgroundzero / ossem_modular
  OSSEM Modular
  ☆27Updated 4 years ago
• darkoperator / vscode-sysmon
  Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
  ☆51Updated last year
• dwestgard / threat_hunting_tables
  Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs
  ☆42Updated 6 years ago
• agreenjay / sysmon
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Updated 5 years ago
• jeperez / windows-operating-system-archaeology
  windows-operating-system-archaeology @Enigma0x3 @subTee
  ☆45Updated 7 years ago
• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆12Updated 5 years ago
• matthewdunwoody / PS_logging_reg
  A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed
  ☆16Updated 8 years ago
• michdu / WhatAmIMissing
  Get all AD objects which are hidden from you
  ☆18Updated 7 years ago
• mattifestation / CatalogTools
  A PowerShell module to assist in parsing and managing catalog files.
  ☆21Updated 8 years ago
• commial / LiveDiffAD
  AD Live changes viewer
  ☆35Updated 2 years ago
• mattifestation / WDACPolicies
  A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies
  ☆62Updated last year
• ubeeri / Invoke-PWAudit
  A PowerShell tool which provides an easy way to check for shared passwords between Windows Active Directory accounts
  ☆32Updated 6 years ago
• tedhardyMSFT / EventLogUtilities
  Set of utilities for getting information about Windows Events
  ☆15Updated 6 years ago
• rvazarkar / SharpHound
  ☆18Updated 7 years ago
• netwrix / LAPS-Permissions-Collection
  Looks up permissions within Active Directory on a target (OU or Computer) to determine access to LAPS attributes (ms-Mcs-AdmPwdExpiration…
  ☆15Updated last year
• acochenour / PSInspect
  PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later
  ☆20Updated 9 years ago
• zacbrown / hiddentreasure-etw-demo
  Basic demo for Hidden Treasure talk.
  ☆49Updated 7 years ago
• arekfurt / WinAWL
  ☆18Updated 5 years ago
• Invoke-IR / WmiEvent
  A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions
  ☆55Updated 9 years ago
• FuzzySecurity / BH-Arsenal-2019
  SilkETW & SilkService
  ☆40Updated 5 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 5 years ago
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year