Detect possible sysmon logging bypasses given a specific configuration
☆111Dec 26, 2018Updated 7 years ago
Alternatives and similar repositories for sysmon-config-bypass-finder
Users that are interested in sysmon-config-bypass-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Evade sysmon and windows event logging☆625Apr 8, 2020Updated 5 years ago
- Miscellaneous C-Sharp projects for red team activities☆24Aug 12, 2022Updated 3 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆265Nov 30, 2018Updated 7 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- A C# tool to send emails through Outlook from the command line or in memory☆32Jun 17, 2020Updated 5 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- SilkETW & SilkService☆40Aug 14, 2019Updated 6 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- A C# tool for enumerating remote access policies through group policy.☆73Apr 18, 2019Updated 6 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- An Insider Threat Toolkit☆156Dec 17, 2018Updated 7 years ago
- A C# implementation of PrivExchange by @_dirkjan.☆155Mar 15, 2019Updated 7 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆98Mar 16, 2016Updated 10 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- Invoke-LiveResponse☆150Feb 22, 2022Updated 4 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- All materials from our Black Hat 2018 "Subverting Sysmon" talk☆135Aug 10, 2018Updated 7 years ago
- Test Blue Team detections without running any attack.☆272May 2, 2024Updated last year
- Utilities for Sysmon☆1,579Sep 21, 2025Updated 6 months ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆938Dec 12, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs☆730Jan 21, 2020Updated 6 years ago
- Bloodhound Attack Path Automation in CobaltStrike☆326Apr 26, 2020Updated 5 years ago
- ☆41Jul 4, 2018Updated 7 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆424Jul 27, 2022Updated 3 years ago
- A repository that maps API calls to Sysmon Event ID's.☆121Nov 14, 2022Updated 3 years ago
- RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShel…☆19Mar 12, 2020Updated 6 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.☆492Feb 16, 2019Updated 7 years ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆108Jul 26, 2024Updated last year
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆65Dec 27, 2017Updated 8 years ago
- ☆98Feb 21, 2019Updated 7 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆176Jun 10, 2021Updated 4 years ago
- ☆229May 10, 2018Updated 7 years ago