Alternatives and similar repositories for WindowsEventLogMetadata:

Users that are interested in WindowsEventLogMetadata are comparing it to the libraries listed below

• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• zacbrown / PowerKrabsEtw
  PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
  ☆103Updated 4 years ago
• vletoux / ADSecrets
  Set of ultra technical notes about AD
  ☆18Updated 6 years ago
• matthastings / PSalander
  ☆51Updated 6 years ago
• zacbrown / PowerShellMethodAuditor
  PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
  ☆38Updated 7 years ago
• rvazarkar / SharpHound
  ☆18Updated 7 years ago
• lordsaibat / finding_windows_privileges
  Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…
  ☆10Updated 6 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆44Updated 4 years ago
• arekfurt / WinAWL
  ☆18Updated 5 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆42Updated 6 years ago
• ubeeri / Invoke-PWAudit
  A PowerShell tool which provides an easy way to check for shared passwords between Windows Active Directory accounts
  ☆32Updated 6 years ago
• jeperez / windows-operating-system-archaeology
  windows-operating-system-archaeology @Enigma0x3 @subTee
  ☆44Updated 7 years ago
• matthewdunwoody / PS_logging_reg
  A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed
  ☆16Updated 8 years ago
• commial / LiveDiffAD
  AD Live changes viewer
  ☆35Updated last year
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆48Updated 2 years ago
• netwrix / LAPS-Permissions-Collection
  Looks up permissions within Active Directory on a target (OU or Computer) to determine access to LAPS attributes (ms-Mcs-AdmPwdExpiration…
  ☆15Updated last year
• mattifestation / CatalogTools
  A PowerShell module to assist in parsing and managing catalog files.
  ☆21Updated 8 years ago
• secgroundzero / ossem_modular
  OSSEM Modular
  ☆27Updated 4 years ago
• agreenjay / sysmon
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Updated 4 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 4 years ago
• tvfischer / ps-srum-hunting
  PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting
  ☆23Updated 5 years ago
• Invoke-IR / WmiEvent
  A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions
  ☆55Updated 8 years ago
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year
• aurel26 / gpocheck
  gpocheck
  ☆30Updated 6 months ago
• acochenour / PSInspect
  PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later
  ☆20Updated 8 years ago
• mattifestation / MSFTTraceMessageFormat
  All TMF files that I extracted from Microsoft PDBs.
  ☆12Updated 5 years ago
• mattifestation / WDACPolicies
  A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies
  ☆62Updated last year
• darkoperator / vscode-sysmon
  Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
  ☆51Updated last year
• michdu / WhatAmIMissing
  Get all AD objects which are hidden from you
  ☆18Updated 7 years ago
• danielbohannon / DevSec-Defense
  Accompanying PowerShell Modules for DevSec Defense Presentation
  ☆28Updated 6 years ago