Alternatives and similar repositories for procmon-filters

Users that are interested in procmon-filters are comparing it to the libraries listed below

• mgeeky / LISET

  View on GitHub
  Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…
  ☆32Aug 29, 2016Updated 9 years ago
• nasbench / procmon-malware-analysis-filters

  View on GitHub
  Repository containing malware analysis filters for the Windows SysInternals' - Process Monitor tool
  ☆20Oct 2, 2020Updated 5 years ago
• mgeeky / PEInfo

  View on GitHub
  Another Portable Executable files analysing stuff
  ☆21May 28, 2011Updated 14 years ago
• abarbatei / windbg-info

  View on GitHub
  collection of links related to using and improving windbg
  ☆20Jun 17, 2018Updated 7 years ago
• wjcsharp / hf-2011

  View on GitHub
  Automatically exported from code.google.com/p/hf-2011
  ☆15Feb 12, 2016Updated 10 years ago
• mgeeky / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆14Sep 18, 2021Updated 4 years ago
• hasherezade / beardisasm

  View on GitHub
  A wrapper for capstone for bearparser
  ☆16Oct 8, 2025Updated 4 months ago
• appsecco / winmanipulate

  View on GitHub
  A simple tool to manipulate window objects in Windows
  ☆45Dec 22, 2016Updated 9 years ago
• OSRDrivers / dirchange

  View on GitHub
  Simple utility to watch directory change notifications on a given path
  ☆19Oct 6, 2017Updated 8 years ago
• mgeeky / ntfs-journal-viewer

  View on GitHub
  Utterly simple NTFS Journal dumping utility. Handy when it comes to Computer Forensics and Malware Forensics Ops.
  ☆38Mar 21, 2016Updated 9 years ago
• hasherezade / tag_converter

  View on GitHub
  ☆23Feb 3, 2021Updated 5 years ago
• aaaddress1 / APCInjector-BYPASS-AV

  View on GitHub
  ☆19Jul 20, 2015Updated 10 years ago
• DamonMohammadbagher / ETWNetMonv3

  View on GitHub
  ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Ima…
  ☆41Jun 6, 2023Updated 2 years ago
• Chuyu-Team / woflib

  View on GitHub
  An open source library for operating the Windows Overlay Filter driver.
  ☆22Jan 16, 2019Updated 7 years ago
• EricZimmerman / OleCf

  View on GitHub
  Library to process OLE compound file format. This is a work in progress and was initially written for jumplist parsing (for which it does…
  ☆19Feb 2, 2025Updated last year
• NtRaiseHardError / MIST

  View on GitHub
  Minimal Intervention and Software Transformation - PoC Packer designed for AV detection bypass
  ☆18Nov 4, 2017Updated 8 years ago
• MotiBa / ProcessMonitorAnalyzeMalware

  View on GitHub
  Script to parse Process Monitor XML log file, and give you a summary report.
  ☆24May 4, 2016Updated 9 years ago
• florianib / rusty_drivers

  View on GitHub
  BYOVD collection
  ☆24Mar 20, 2024Updated last year
• threatexpress / cobaltstrike_payload_generator

  View on GitHub
  Quickly generate every payload type for each listener and optionally host via HTTP.
  ☆22Aug 23, 2021Updated 4 years ago
• makitos666 / MFT_Fast_Transcoder

  View on GitHub
  MFT Fast Transcoder is a fast forensic tool to analyze MFT of NTFS partitions.
  ☆12Feb 27, 2023Updated 2 years ago
• alternat0r / training-basic-malware-analysis

  View on GitHub
  In this training will be covered about a very basic step for malware analysis. Using several free tools to recognize malware behavior. Si…
  ☆12May 25, 2016Updated 9 years ago
• threatexpress / procdot_sandbox

  View on GitHub
  ProcDot Malware Sandbox
  ☆26Jul 28, 2025Updated 6 months ago
• repnz / rpcmon

  View on GitHub
  RPC Monitor based on The ETW Microsoft-Windows-Rpc provider
  ☆24Mar 22, 2020Updated 5 years ago
• EricZimmerman / RecentFileCacheParser

  View on GitHub
  Parses RecentFileCacheParser.bcf files
  ☆30Feb 2, 2025Updated last year
• mgeeky / RPISEC-MBE-Solutions

  View on GitHub
  Solutions to the RPISEC MBE / Modern Binary Exploitation VM & course.
  ☆21Feb 5, 2017Updated 9 years ago
• adrianyy / nasm_shellcode

  View on GitHub
  NASM listing to shellcode converter
  ☆14May 6, 2018Updated 7 years ago
• RCStep / RedTeam_Tools_n_Stuff

  View on GitHub
  Collection of self-made Red Team tools that have come in handy
  ☆12Aug 25, 2024Updated last year
• OSRDrivers / deleteex

  View on GitHub
  Demonstrate the new FileDispositionInfoEx behavior
  ☆15Nov 6, 2017Updated 8 years ago
• SoulSec / Resource-Threat-Intelligence

  View on GitHub
  Repository resource threat intelligence for SOC
  ☆10Sep 14, 2018Updated 7 years ago
• mfdooom / threadless_loader_rs

  View on GitHub
  Threadless Injection Payload Toolkit
  ☆12Oct 12, 2023Updated 2 years ago
• haidragon / processrefund

  View on GitHub
  新的注入方式
  ☆11Sep 30, 2018Updated 7 years ago
• Velocidex / go-ese

  View on GitHub
  Go implementation of an Extensible Storage Engine parser
  ☆32Feb 15, 2025Updated last year
• jordisk / TheHive2Sigma

  View on GitHub
  Python script to automatically create sigma rules from The hive observables
  ☆25Mar 17, 2019Updated 6 years ago
• tdevuser / MalwFinder

  View on GitHub
  ☆26May 31, 2019Updated 6 years ago
• mgeeky / CustomXMLPart

  View on GitHub
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆40Aug 8, 2022Updated 3 years ago
• Neo23x0 / xorex

  View on GitHub
  XOR Key Extractor
  ☆51Aug 10, 2024Updated last year
• mttaggart / pwfuzz-rs

  View on GitHub
  Rust-based password mutator for brute force attacks
  ☆13Mar 21, 2025Updated 10 months ago
• poxyran / poxyblog

  View on GitHub
  poxyran's blog
  ☆13Aug 27, 2020Updated 5 years ago
• equalitie / shodan_fingerprinter

  View on GitHub
  Script fingerprinting systems based on shodan.io data
  ☆12Jul 9, 2018Updated 7 years ago