a tiny program to consume from ETW providers for research
☆56Jan 4, 2025Updated last year
Alternatives and similar repositories for PockETWatcher
Users that are interested in PockETWatcher are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A proof-of-concept re-assembler for reverse VNC traffic.☆24May 21, 2023Updated 2 years ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly☆10Jul 1, 2023Updated 2 years ago
- Indicators of compromise from to analysis and research by Nextron Threat Research team☆12Sep 17, 2025Updated 7 months ago
- The home of the SDDLMaker☆29Jan 13, 2025Updated last year
- Tool designed to exfiltrate OneDrive Business OCR Data☆127Jan 27, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆27Mar 20, 2025Updated last year
- Test AMSI Provider implementation in C#☆45Dec 18, 2024Updated last year
- ☆33Feb 26, 2022Updated 4 years ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- Living of the Land of Free SaaS☆72Mar 22, 2026Updated last month
- This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw…☆32May 11, 2024Updated last year
- ☆23Jun 1, 2022Updated 3 years ago
- An implementation of a Windows Event Collector server running on GNU/Linux.☆95Jan 27, 2026Updated 3 months ago
- A post-processing script for TinyTracer☆39Mar 22, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…☆274Feb 13, 2026Updated 2 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules☆190Updated this week
- ☆263May 9, 2024Updated last year
- A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN☆129Jan 26, 2026Updated 3 months ago
- ☆15Sep 24, 2024Updated last year
- Shellcode loader☆106Nov 24, 2024Updated last year
- SQL, IIS, Oh My...☆22Feb 24, 2025Updated last year
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆75Dec 10, 2021Updated 4 years ago
- OSEP - Offsec Expert Professional☆21Jun 23, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆187Apr 24, 2025Updated last year
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆119Aug 19, 2025Updated 8 months ago
- A repository of credential stealer formats☆253Jun 10, 2025Updated 10 months ago
- Active Directory Group Policy analyzer☆18Sep 20, 2019Updated 6 years ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 6 months ago
- yaa - yaml search for humans☆12Dec 8, 2025Updated 4 months ago
- Windows Event Log Knowledge Base☆33Apr 13, 2026Updated 3 weeks ago
- "Service-less" driver loading☆186Nov 28, 2024Updated last year
- ☆57Apr 16, 2026Updated 3 weeks ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Red teaming tool to dump LSASS memory, bypassing basic countermeasures.☆247Mar 9, 2026Updated last month
- ☆235Jun 10, 2025Updated 10 months ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆350Oct 7, 2024Updated last year
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- COM Hijacking VOODOO☆382Nov 27, 2025Updated 5 months ago
- Aims to identify sleeping beacons☆667Jan 25, 2026Updated 3 months ago