secprentice/PowerShellWatchlist external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

secprentice/PowerShellWatchlist

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/secprentice/PowerShellWatchlist)

Close

secprentice / PowerShellWatchlistView on GitHubMore

• External links
• Readme badge

List of PowerShell commands and commandlets that should be in your Powershel watchlist

☆39Jul 22, 2021Updated 4 years ago

Alternatives and similar repositories for PowerShellWatchlist

Users that are interested in PowerShellWatchlist are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• MISP / yara-misp

  View on GitHub
  Export MISP attributes in Yara
  ☆12Sep 15, 2017Updated 8 years ago
• ssh3ll / Windows-10-Hardening

  View on GitHub
  ☆52Aug 22, 2021Updated 4 years ago
• piesecurity / WindowsEventsToCSVTimeline

  View on GitHub
  Simple Powershell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline.
  ☆32Oct 13, 2018Updated 7 years ago
• tasox / LogRM

  View on GitHub
  LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network
  ☆74Jul 9, 2019Updated 6 years ago
• binaryAccess / highway_to_hell

  View on GitHub
  Pwnage
  ☆17Jul 1, 2025Updated 10 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• IBM / integrating-rpa-and-qradar-automate-security-activities

  View on GitHub
  Integrate IBM QRadar and RPA to automate security L1 tasks.
  ☆14May 20, 2022Updated 4 years ago
• QueenSquishy / Zombie

  View on GitHub
  General Content
  ☆27Dec 23, 2025Updated 4 months ago
• jonny-jhnson / Windows-API-To-Sysmon-Events

  View on GitHub
  A repository that maps API calls to Sysmon Event ID's.
  ☆122Nov 14, 2022Updated 3 years ago
• simeononsecurity / Windows-Defender-STIG-Script

  View on GitHub
  Automate Windows Defender STIG to 100% Compliance
  ☆19Jul 26, 2024Updated last year
• securethelogs / Bluechecker

  View on GitHub
  Audit Powershell and search from known keywords in history #Blueteam
  ☆25Apr 22, 2020Updated 6 years ago
• otoriocyber / CIMPLICITY-Hardening-Tool

  View on GitHub
  PowerShell script for hardening GE digital CIMPLICITY servers
  ☆23Aug 12, 2021Updated 4 years ago
• mtth-bfft / evtq

  View on GitHub
  Windows eventlog formatting, live fetching and querying utility in C
  ☆20May 26, 2020Updated 5 years ago
• cno-io / bh_aws

  View on GitHub
  Materials for AWS Training
  ☆15Jul 21, 2021Updated 4 years ago
• Th1ru-M / Windows-Threat-Hunting

  View on GitHub
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Dec 8, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• w8mej / ThreatPlays

  View on GitHub
  Sharing Threat Hunting runbooks
  ☆26Jul 5, 2019Updated 6 years ago
• sans-blue-team / sec555-wiki

  View on GitHub
  ☆78Jun 25, 2019Updated 6 years ago
• RandomRhythm / mal2csv

  View on GitHub
  Malformed Access Log to CSV - Convert Web Server Access Logs to CSV
  ☆18Sep 3, 2024Updated last year
• gnebbia / av_evasion

  View on GitHub
  ☆11May 27, 2021Updated 4 years ago
• airman604 / amsi_bypassr

  View on GitHub
  AMSI bypass stager generator
  ☆29Feb 5, 2019Updated 7 years ago
• realparisi / WMI_Monitor

  View on GitHub
  Log newly created WMI consumers and processes to the Windows Application event log
  ☆124Feb 28, 2018Updated 8 years ago
• Kirtar22 / Litmus_Test

  View on GitHub
  Detecting ATT&CK techniques & tactics for Linux
  ☆258Oct 1, 2020Updated 5 years ago
• zulu8 / Get-Baseline

  View on GitHub
  PowerShell Script for Agentless Incident Response
  ☆25Apr 5, 2018Updated 8 years ago
• RandomRhythm / Rhythm-CB-Scripts

  View on GitHub
  Collection of scripts for use with Carbon Black Cb Response API
  ☆14May 7, 2022Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• kurtfalde / DNS-Debug

  View on GitHub
  Script to enabled DNS Debug Logging across Domain Controllers in a Forest and then retrieve for analysis
  ☆14May 27, 2016Updated 9 years ago
• MotiBa / AppLocker

  View on GitHub
  AppLocker hardening policies
  ☆27Jul 26, 2018Updated 7 years ago
• FuzzySecurity / Presentations

  View on GitHub
  A collection of my presentation materials.
  ☆17Apr 29, 2024Updated 2 years ago
• agreenjay / sysmon

  View on GitHub
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Mar 23, 2020Updated 6 years ago
• limbenjamin / LogServiceCrash

  View on GitHub
  POC code to crash Windows Event Logger Service
  ☆27Oct 16, 2020Updated 5 years ago
• Loginsoft-LLC / threat-detection-rules

  View on GitHub
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Jul 27, 2022Updated 3 years ago
• oneoffdallas / check_ioc

  View on GitHub
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆79Dec 24, 2017Updated 8 years ago
• zacbrown / configs

  View on GitHub
  Zac's assorted config files
  ☆10Jan 11, 2017Updated 9 years ago
• cobbr / InsecurePowerShell

  View on GitHub
  InsecurePowerShell is PowerShell with some security features removed.
  ☆105Dec 19, 2017Updated 8 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆3,038Aug 21, 2024Updated last year
• SCS-Labs / TheWatchList

  View on GitHub
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆16May 21, 2021Updated 5 years ago
• JPCERTCC / SysmonSearch

  View on GitHub
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆431Dec 22, 2023Updated 2 years ago
• chihebchebbi / Sentinel2Attack

  View on GitHub
  ☆14Mar 5, 2021Updated 5 years ago
• NdS-Research-Facilities / QRadar-ruleset

  View on GitHub
  QRadar Export the rule set for printing
  ☆23Oct 23, 2017Updated 8 years ago
• tuian / subTee-gits-backups

  View on GitHub
  subTee gists code backups
  ☆37Dec 19, 2017Updated 8 years ago
• MarkBaggett / domain_stats2

  View on GitHub
  ☆14Feb 8, 2020Updated 6 years ago