Detect possible sysmon logging bypasses given a specific configuration
☆111Dec 26, 2018Updated 7 years ago
Alternatives and similar repositories for sysmon-config-bypass-finder
Users that are interested in sysmon-config-bypass-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Evade sysmon and windows event logging☆623Apr 8, 2020Updated 6 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆265Nov 30, 2018Updated 7 years ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- A C# tool to send emails through Outlook from the command line or in memory☆32Jun 17, 2020Updated 5 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- SilkETW & SilkService☆40Aug 14, 2019Updated 6 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Apr 18, 2019Updated 7 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- An Insider Threat Toolkit☆156Dec 17, 2018Updated 7 years ago
- A C# implementation of PrivExchange by @_dirkjan.☆155Mar 15, 2019Updated 7 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- ☆21Jan 28, 2020Updated 6 years ago
- ☆98Mar 16, 2016Updated 10 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- Invoke-LiveResponse☆150Feb 22, 2022Updated 4 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- All materials from our Black Hat 2018 "Subverting Sysmon" talk☆135Aug 10, 2018Updated 7 years ago
- Test Blue Team detections without running any attack.☆272May 2, 2024Updated last year
- Utilities for Sysmon☆1,636Apr 4, 2026Updated 2 weeks ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆940Dec 12, 2023Updated 2 years ago
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆730Jan 21, 2020Updated 6 years ago
- Bloodhound Attack Path Automation in CobaltStrike☆326Apr 26, 2020Updated 5 years ago
- ☆41Jul 4, 2018Updated 7 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆424Jul 27, 2022Updated 3 years ago
- A repository that maps API calls to Sysmon Event ID's.☆121Nov 14, 2022Updated 3 years ago
- RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShel…☆19Mar 12, 2020Updated 6 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.☆492Feb 16, 2019Updated 7 years ago
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆65Dec 27, 2017Updated 8 years ago
- ☆98Feb 21, 2019Updated 7 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆176Jun 10, 2021Updated 4 years ago
- ☆229May 10, 2018Updated 7 years ago