Event metadata collected across all manifest-based ETW providers on Window 10 1903
☆31Nov 25, 2019Updated 6 years ago
Alternatives and similar repositories for WindowsEventLogMetadata
Users that are interested in WindowsEventLogMetadata are comparing it to the libraries listed below
Sorting:
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆31Dec 19, 2017Updated 8 years ago
- The offical exploit for Pandora v7.0NG Post-auth Remote Code Execution CVE-2019-20224☆14Jan 10, 2020Updated 6 years ago
- Cobalt Strike log state tracking, parsing, and storage☆24Jul 18, 2019Updated 6 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Dec 14, 2018Updated 7 years ago
- Insecure Deserialization, PDF and lab☆18Nov 19, 2019Updated 6 years ago
- Cybersecurity Incidents Mind Maps☆34Sep 29, 2021Updated 4 years ago
- 针对域名/页面的接口爬取,递归模式入库☆22Sep 18, 2019Updated 6 years ago
- Simple skeleton for a CPP DLL☆66Jan 11, 2020Updated 6 years ago
- Wafid allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆10Oct 19, 2020Updated 5 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆95Feb 2, 2022Updated 4 years ago
- Managed wrappers around the Windows API and some Native API☆35Jun 15, 2018Updated 7 years ago
- Example VBA Macro for MacOS Mojave☆67Oct 31, 2018Updated 7 years ago
- A collection of quick start resrouces for Live Streaming☆10May 2, 2019Updated 6 years ago
- ☆10May 23, 2019Updated 6 years ago
- apache solr 5.x - 8.2.0 rce (with config api)☆11Oct 31, 2019Updated 6 years ago
- Cmdlets for capturing Windows Events☆14Mar 11, 2022Updated 3 years ago
- Using ESP8266/ESP32 to fetch satellite pass predictions from www.n2yo.com and display it on the E-Paper display.☆10Dec 20, 2019Updated 6 years ago
- Simple DLL injector written in C#☆24Sep 28, 2015Updated 10 years ago
- All TMF files that I extracted from Microsoft PDBs.☆14Jun 29, 2019Updated 6 years ago
- Crowdstrike Falcon Host script for iterating through instances to get alert and other relevant data☆13Jul 16, 2019Updated 6 years ago
- My musings with C#☆28Dec 23, 2022Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- Legislator is a simple .NET interface authoring tool written in PowerShell☆28Dec 1, 2021Updated 4 years ago
- ObscurityLabs RedTeam C# Toolkit☆123Sep 3, 2019Updated 6 years ago
- PowerShell script for hunting webshells on Microsoft Exchange Servers.☆56Feb 1, 2017Updated 9 years ago
- Attempted Proof of Concept to Run the new Pulumi dotnet provider in Powershell☆13Nov 18, 2019Updated 6 years ago
- A simple parser(library) which extracts shimcache data from windows.☆15May 20, 2019Updated 6 years ago
- This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes☆21Mar 11, 2021Updated 4 years ago
- 能过卡巴、核晶、defender等杀软的dump lsass进程工具☆12Sep 25, 2022Updated 3 years ago
- A module for working with Windows Event Collector service and maintain Windows Event Forwarding subscriptions.☆34Dec 14, 2025Updated 2 months ago
- Initial Commit of Coresploit☆57Oct 12, 2021Updated 4 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆94Feb 24, 2019Updated 7 years ago
- ☆14Oct 25, 2019Updated 6 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- This program implements port knocking for access to Windows via RDP / TS☆15Apr 5, 2021Updated 4 years ago
- extract and parse WEVT_TEMPLATEs from PE files☆18Dec 30, 2023Updated 2 years ago
- Generic Signature Format for SIEM Systems☆18Jul 25, 2023Updated 2 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.☆93Feb 15, 2021Updated 5 years ago