Alternatives and similar repositories for evtq

Users that are interested in evtq are comparing it to the libraries listed below

• commial / LiveDiffAD
  AD Live changes viewer
  ☆36Updated 2 years ago
• skelsec / aardwolfgui
  Asynchronous RDP/VNC client for Python (GUI)
  ☆71Updated 6 months ago
• jonny-jhnson / LDAPMon
  ☆45Updated last year
• limbenjamin / nTimetools
  Timestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
  ☆50Updated 3 years ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆49Updated 6 months ago
• matterpreter / FindETWProviderImage
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆74Updated 3 years ago
• SygniaLabs / BackupKeyManager
  ☆12Updated last year
• codewhitesec / SysmonEnte
  ☆74Updated 2 years ago
• postrequest / safetydump
  MiniDump a process in memory with rust
  ☆36Updated 4 years ago
• citronneur / kerlab
  Kerberos laboratory to better understand and then detecting attack on kerberos
  ☆70Updated 4 years ago
• RemiEscourrou / PowerShellMisc
  ☆35Updated 2 years ago
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆19Updated 7 months ago
• postrequest / donut-rs
  Donut generator in rust.
  ☆27Updated 3 years ago
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆76Updated 5 months ago
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆36Updated last year
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆61Updated 2 years ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 9 months ago
• huntandhackett / sysmon-indepth
  Understanding the operation and limitations of Sysmon's events
  ☆19Updated 2 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Updated 2 years ago
• djhohnstein / HookDetector
  Playing with PE's and Building Structures by Hand
  ☆22Updated 3 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 2 years ago
• CooperShield / rustache_injector
  A rust based DLL injection project
  ☆30Updated 2 years ago
• T3KX / Crackmapexec-LAPS
  LAPS module for CrackMapExec
  ☆29Updated 3 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆64Updated 3 years ago
• skelsec / asysocks
  Socks5 / Socks4 client and server library
  ☆70Updated last week
• netwrix / server-untrust-account
  A technique for Active Directory domain persistence
  ☆39Updated 2 years ago
• CERTCC / privesc
  Process Monitor filter for finding privilege escalation vulnerabilities on Windows
  ☆79Updated 4 years ago
• HuskyHacks / the-crown-defcon615
  Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
  ☆45Updated 3 years ago
• RemiEscourrou / Invoke-Leghorn
  Leghorn code for PKI abuse
  ☆32Updated 4 years ago