Alternatives and similar repositories for evtq

Users that are interested in evtq are comparing it to the libraries listed below

• postrequest / donut-rs
  Donut generator in rust.
  ☆27Updated 3 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆64Updated 3 years ago
• jonny-jhnson / LDAPMon
  ☆45Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆42Updated 10 months ago
• codewhitesec / SysmonEnte
  ☆74Updated 2 years ago
• matterpreter / FindETWProviderImage
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆74Updated 3 years ago
• 3gstudent / ntfsDump
  Use to copy a file from an NTFS partitioned volume by reading the raw volume and parsing the NTFS structures.
  ☆118Updated 4 years ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆61Updated 2 years ago
• mattifestation / AntimalwareBlight
  Execute PowerShell code at the antimalware-light protection level.
  ☆141Updated 2 years ago
• riesha / drv-vuln-scanner
  Finds imports that could be exploited, still requires manual analysis.
  ☆27Updated 2 years ago
• aancw / DllProxy-rs
  Rust Implementation of SharpDllProxy for DLL Proxying Technique
  ☆30Updated 2 years ago
• Teach2Breach / Red_Team_Rust
  Collection of Rust repos useful for Red Teamers.
  ☆34Updated 2 years ago
• CERTCC / privesc
  Process Monitor filter for finding privilege escalation vulnerabilities on Windows
  ☆79Updated 4 years ago
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆61Updated 2 years ago
• whokilleddb / exe_who
  Executables on Disk? Bleh 🤮
  ☆100Updated 2 years ago
• 0xflux / ETW-Bypass-Rust
  Event Tracing for Windows EDR bypass in Rust (usermode)
  ☆27Updated last year
• citronneur / kerlab
  Kerberos laboratory to better understand and then detecting attack on kerberos
  ☆70Updated 4 years ago
• RemiEscourrou / PowerShellMisc
  ☆35Updated 2 years ago
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆20Updated 7 months ago
• MythicC2Profiles / http
  Simple HTTP async comms using standard GET/POST requests
  ☆38Updated 4 months ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆64Updated last year
• xforcered / Detect-Hooks
  Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR
  ☆102Updated 4 years ago
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆91Updated 2 years ago
• skelsec / asysocks
  Socks5 / Socks4 client and server library
  ☆70Updated 3 weeks ago
• netwrix / server-untrust-account
  A technique for Active Directory domain persistence
  ☆39Updated 2 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• goichot / CVE-2020-3433
  PoCs and technical analysis of three vulnerabilities found on Cisco AnyConnect for Windows: CVE-2020-3433, CVE-2020-3434 and CVE-2020-343…
  ☆43Updated 4 years ago
• ustayready / roguerdp
  ☆35Updated 3 years ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆50Updated 7 months ago
• DidierStevens / AdHoc
  AdHoc solutions
  ☆48Updated last year