randomaccess3 / block-parserLinks
Parser for Windows PowerShell script block logs
☆13Updated 5 months ago
Alternatives and similar repositories for block-parser
Users that are interested in block-parser are comparing it to the libraries listed below
Sorting:
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆18Updated 3 years ago
- python3 scripts to help with aws triage needs☆15Updated 3 years ago
- A collection of tools adversaries commonly use in an attack.☆14Updated 6 months ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 11 months ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆16Updated last year
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆14Updated 7 months ago
- Resources and Discussions About Detection Engineering☆12Updated 2 years ago
- Tool for obtaining information about PPL processes☆17Updated last year
- Kibana app for RedELK☆17Updated 2 years ago
- Speaking materials from conferences I've given☆9Updated 2 years ago
- ☆18Updated last year
- Parser for Sdba memory pool tags☆18Updated 3 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 2 years ago
- ☆15Updated 3 years ago
- ☆12Updated 3 years ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+☆18Updated 4 months ago
- ☆16Updated 4 months ago
- A 'trainer' agent which is great for showing customers a nice fake 'ransom' screen. Requires target machine to have head - since support …☆11Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆20Updated 2 years ago
- ☆12Updated 3 years ago
- JXA script for Mythic that prints the TCC.db☆15Updated 4 years ago
- ☆14Updated last year
- ☆18Updated 5 months ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Updated 2 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆17Updated last year
- Configurable, Community driven, HTTP C2 Profile☆22Updated 3 weeks ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆16Updated 2 years ago
- ☆17Updated 10 months ago
- ☆23Updated 3 months ago