mtth-bfft / evtqLinks
Windows eventlog formatting, live fetching and querying utility in C
☆20Updated 5 years ago
Alternatives and similar repositories for evtq
Users that are interested in evtq are comparing it to the libraries listed below
Sorting:
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆64Updated 3 years ago
- ☆45Updated last year
- ☆74Updated 2 years ago
- Donut generator in rust.☆28Updated 3 years ago
- A technique for Active Directory domain persistence☆39Updated 2 years ago
- ☆35Updated 3 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆62Updated 3 years ago
- Finds imports that could be exploited, still requires manual analysis.☆29Updated 2 years ago
- Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…☆42Updated last year
- Asynchronous RDP/VNC client for Python (GUI)☆73Updated 8 months ago
- ☆36Updated last year
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆75Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆54Updated 5 years ago
- Kerberos laboratory to better understand and then detecting attack on kerberos☆70Updated 4 years ago
- MiniDump a process in memory with rust☆36Updated 4 years ago
- Playing with PE's and Building Structures by Hand☆22Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆128Updated 2 years ago
- A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…☆26Updated last year
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆54Updated 3 years ago
- Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.☆60Updated 3 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Updated 4 years ago
- Windows Persistence Toolkit in C#☆37Updated 2 years ago
- ☆35Updated 3 years ago
- Execute PowerShell code at the antimalware-light protection level.☆141Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆33Updated 3 years ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆65Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆87Updated 2 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆21Updated 5 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆107Updated 3 years ago