Alternatives and similar repositories for EventLogForRedTeams

Users that are interested in EventLogForRedTeams are comparing it to the libraries listed below

• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 3 years ago
• 0xe7 / WonkaVision
  ☆84Updated 2 years ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆92Updated 2 years ago
• LaresLLC / OffensiveSysAdmin
  A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools
  ☆88Updated 2 years ago
• AssuranceMaladieSec / AD-description-password-finder
  Retrieve AD accounts description and search for password in it
  ☆83Updated 3 years ago
• knavesec / o365fedenum
  Federated Office365 user enumeration based on correlated response trend analysis
  ☆51Updated 3 years ago
• icyguider / NewPowerDNS
  Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.
  ☆84Updated 2 years ago
• 0xe7 / PowerSploit
  PowerSploit - A PowerShell Post-Exploitation Framework
  ☆42Updated 5 months ago
• njcve / inflate.py
  Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.
  ☆120Updated 3 years ago
• Hypnoze57 / RDPChecker
  RDP Checker
  ☆63Updated last year
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• bitsadmin / chophound
  Some scripts to support with importing large datasets into BloodHound
  ☆81Updated last year
• fozavci / WeaponisingCSharp-Fundamentals
  Weaponising C# - Fundamentals Training Content
  ☆70Updated 4 years ago
• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆72Updated 2 years ago
• myexploit / living_off_the_land
  ☆44Updated last year
• 0xe7 / RoastInTheMiddle
  ☆72Updated 2 months ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆56Updated 3 years ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆68Updated 2 years ago
• ustayready / ShredHound
  Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
  ☆95Updated 2 years ago
• 8com / bloodhound-adAnalysis
  Automation of Active Directory penetration testing tasks on top of BloodHound CE
  ☆34Updated 2 years ago
• daem0nc0re / Abusing_Weak_ACL_on_Certificate_Templates
  Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
  ☆124Updated 3 years ago
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆73Updated 4 months ago
• RiccardoAncarani / talks
  ☆43Updated 3 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Updated 3 years ago
• zblurx / BloodHoundCustomQueries
  My BloodHound custom queries
  ☆25Updated 2 years ago
• nyxgeek / AzureAD_Autologon_Brute
  Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…
  ☆103Updated last year
• snovvcrash / OffensivePipeline
  OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
  ☆93Updated 3 years ago
• netwrix / server-untrust-account
  A technique for Active Directory domain persistence
  ☆39Updated 2 years ago
• h4wkst3r / SharPersist
  Windows Persistence Toolkit in C#
  ☆36Updated 2 years ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆87Updated 3 years ago