Alternatives and similar repositories for evtq:

Users that are interested in evtq are comparing it to the libraries listed below

• netwrix / server-untrust-account
  A technique for Active Directory domain persistence
  ☆39Updated last year
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆36Updated 10 months ago
• Teach2Breach / NtCreateUserProcess_rs
  example using NtCreateUserProcess in rust
  ☆19Updated 3 months ago
• skelsec / aardwolfgui
  Asynchronous RDP/VNC client for Python (GUI)
  ☆71Updated 3 months ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆58Updated 2 years ago
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆77Updated 2 months ago
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆47Updated 2 years ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• postrequest / donut-rs
  Donut generator in rust.
  ☆26Updated 3 years ago
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆18Updated 4 months ago
• citronneur / kerlab
  Kerberos laboratory to better understand and then detecting attack on kerberos
  ☆69Updated 3 years ago
• postrequest / safetydump
  MiniDump a process in memory with rust
  ☆36Updated 3 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• djhohnstein / HookDetector
  Playing with PE's and Building Structures by Hand
  ☆22Updated 3 years ago
• goichot / CVE-2020-3433
  PoCs and technical analysis of three vulnerabilities found on Cisco AnyConnect for Windows: CVE-2020-3433, CVE-2020-3434 and CVE-2020-343…
  ☆43Updated 4 years ago
• HuskyHacks / the-crown-defcon615
  Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk
  ☆45Updated 3 years ago
• aancw / DllProxy-rs
  Rust Implementation of SharpDllProxy for DLL Proxying Technique
  ☆30Updated 2 years ago
• Meckazin / HidingFromETW
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆20Updated 4 years ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆37Updated 2 years ago
• vysecurity / OffensiveLAM
  A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…
  ☆25Updated last year
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆47Updated 3 months ago
• delivr-to / MailCollector
  A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM
  ☆20Updated 10 months ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• MythicC2Profiles / http
  Simple HTTP async comms using standard GET/POST requests
  ☆33Updated last month
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆27Updated 2 years ago
• 17ms / airborne
  Shellcode reflective DLL injection in Rust
  ☆19Updated last year
• skelsec / anfs
  Asynchronous NFSv3 client in pure Python
  ☆26Updated last month
• matterpreter / FindETWProviderImage
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆74Updated 3 years ago
• codewhitesec / SysmonEnte
  ☆75Updated 2 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆64Updated 3 years ago