Alternatives and similar repositories for PS-MOTW:

Users that are interested in PS-MOTW are comparing it to the libraries listed below

• ADPunisher / OwnershipStealer
  ☆27Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆40Updated 2 months ago
• xforcered / VectoredExceptionHandling
  ☆28Updated 4 months ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• t94j0 / sddl_py
  Parse SDDL strings
  ☆35Updated 9 months ago
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆14Updated 6 months ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 6 months ago
• joe-desimone / rep-research
  ☆68Updated 5 months ago
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆30Updated last year
• JonasBK / Powershell
  ☆31Updated last month
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆38Updated last year
• OffenseTeacher / Steganim
  ☆47Updated last year
• Helixo32 / GetSystem-LCI
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆29Updated last month
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆73Updated last year
• decoder-it / Troopers24
  ☆42Updated 6 months ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆21Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆45Updated 10 months ago
• simondotsh / DirSync
  DirSync is a simple proof of concept PowerShell module to demonstrate the impact of delegating DS-Replication-Get-Changes and DS-Replicat…
  ☆27Updated last year
• HulkOperator / AuthStager
  ☆45Updated 2 months ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆18Updated last year
• djackreuter / proc_noprocdump
  Dump LSASS by spoofing command line arguments to procdump.
  ☆19Updated 2 months ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• Bl4ckM1rror / PEAs
  ☆58Updated last year
• paranoidninja / BRC4-Seminar-Stage-I
  These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…
  ☆19Updated last year
• jborean93 / AmsiProvider
  Test AMSI Provider implementation in C#
  ☆29Updated last month
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated 6 months ago
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆31Updated 7 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆24Updated 4 months ago
• FuzzySecurity / Magikarp
  ECC Public Key Cryptography
  ☆36Updated last year