Alternatives and similar repositories for archiver-MOTW-support-comparison

Users that are interested in archiver-MOTW-support-comparison are comparing it to the libraries listed below

• jsecurity101 / ETWInspector
  ☆158Updated last month
• AlteredSecurity / Disable-TamperProtection
  A POC to disable TamperProtection and other Defender / MDE components
  ☆217Updated last year
• synacktiv / Invoke-RunAsWithCert
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆154Updated last year
• almandin / ntdsdotsqlite
  A small utility to translate NTDS.dit files to SQLite format.
  ☆73Updated last year
• deepinstinct / Lsass-Shtinkering
  ☆380Updated 2 years ago
• CCob / Shwmae
  ☆151Updated 4 months ago
• FourCoreLabs / LolDriverScan
  Scan vulnerable drivers on Windows with loldrivers.io
  ☆179Updated last year
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆77Updated 4 months ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 8 months ago
• Unprotect-Project / Unprotect_Submission
  Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…
  ☆165Updated 2 months ago
• mattifestation / AntimalwareBlight
  Execute PowerShell code at the antimalware-light protection level.
  ☆141Updated 2 years ago
• jsecurity101 / JonMon
  ☆223Updated 4 months ago
• tijldeneut / dpapilab-ng
  DPAPILAB Next Gen, script collection
  ☆83Updated 2 years ago
• MythicAgents / Hannibal
  A Mythic Agent written in PIC C.
  ☆188Updated 4 months ago
• mlcsec / FormThief
  Spoofing desktop login applications with WinForms and WPF
  ☆174Updated last year
• Mr-Un1k0d3r / WindowsDllsExport
  A list of all the DLLs export in C:\windows\system32\
  ☆216Updated 3 years ago
• sensepost / mydumbedr
  ☆119Updated last year
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆121Updated 8 months ago
• deepinstinct / NoFilter
  ☆299Updated 7 months ago
• xforcered / RemoteMonologue
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆223Updated last month
• cybersectroll / TrollUAC
  ☆144Updated last year
• oldkingcone / BYOSI
  Evade EDR's the simple way, by not touching any of the API's they hook.
  ☆144Updated 4 months ago
• hackerhouse-opensource / SignToolEx
  Patching "signtool.exe" to accept expired certificates for code-signing.
  ☆282Updated 10 months ago
• nettitude / Aladdin
  ☆221Updated last year
• scrt / PowerChell
  A PowerShell console in C/C++ with all the security features disabled
  ☆244Updated 2 weeks ago
• gtworek / VolatileDataCollector
  ☆201Updated 7 months ago
• mttaggart / wtfbins
  WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.
  ☆166Updated 2 months ago
• synacktiv / ntdissector
  ☆141Updated 9 months ago
• huntandhackett / concealed_code_execution
  Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows
  ☆215Updated 2 years ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆79Updated 9 months ago