secprentice/PowerShellWatchlist external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

secprentice/PowerShellWatchlist

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/secprentice/PowerShellWatchlist)

Close

secprentice / PowerShellWatchlistView on GitHubMore

• External links
• Readme badge

List of PowerShell commands and commandlets that should be in your Powershel watchlist

☆39Jul 22, 2021Updated 4 years ago

Alternatives and similar repositories for PowerShellWatchlist

Users that are interested in PowerShellWatchlist are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• MISP / yara-misp

  View on GitHub
  Export MISP attributes in Yara
  ☆12Sep 15, 2017Updated 8 years ago
• ssh3ll / Windows-10-Hardening

  View on GitHub
  ☆53Aug 22, 2021Updated 4 years ago
• piesecurity / WindowsEventsToCSVTimeline

  View on GitHub
  Simple Powershell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline.
  ☆32Oct 13, 2018Updated 7 years ago
• tasox / LogRM

  View on GitHub
  LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network
  ☆74Jul 9, 2019Updated 6 years ago
• binaryAccess / highway_to_hell

  View on GitHub
  Pwnage
  ☆17Jul 1, 2025Updated 9 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• RandomRhythm / YARA_Rules_Util

  View on GitHub
  YARA duplicate rule detection and removal. YARA rule index creation. YARA rule file merger.
  ☆10Jan 19, 2026Updated 2 months ago
• QueenSquishy / Zombie

  View on GitHub
  General Content
  ☆27Dec 23, 2025Updated 3 months ago
• jonny-jhnson / Windows-API-To-Sysmon-Events

  View on GitHub
  A repository that maps API calls to Sysmon Event ID's.
  ☆121Nov 14, 2022Updated 3 years ago
• securethelogs / Bluechecker

  View on GitHub
  Audit Powershell and search from known keywords in history #Blueteam
  ☆25Apr 22, 2020Updated 5 years ago
• otoriocyber / CIMPLICITY-Hardening-Tool

  View on GitHub
  PowerShell script for hardening GE digital CIMPLICITY servers
  ☆23Aug 12, 2021Updated 4 years ago
• mtth-bfft / evtq

  View on GitHub
  Windows eventlog formatting, live fetching and querying utility in C
  ☆20May 26, 2020Updated 5 years ago
• cno-io / bh_aws

  View on GitHub
  Materials for AWS Training
  ☆15Jul 21, 2021Updated 4 years ago
• Th1ru-M / Windows-Threat-Hunting

  View on GitHub
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Dec 8, 2024Updated last year
• shr3ddersec / ThreatHunting

  View on GitHub
  Reference sheet for Threat Hunting Professional Course
  ☆26Mar 10, 2019Updated 7 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• w8mej / ThreatPlays

  View on GitHub
  Sharing Threat Hunting runbooks
  ☆25Jul 5, 2019Updated 6 years ago
• noraj / Atmail-exploit-toolchain

  View on GitHub
  AtMail Email Server Appliance 6.4 - Exploit toolchain (XSS > CSRF > RCE)
  ☆11Dec 8, 2022Updated 3 years ago
• RandomRhythm / Vendor-Threat-Triage-Lookup

  View on GitHub
  Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
  ☆29Feb 15, 2026Updated last month
• gnebbia / av_evasion

  View on GitHub
  ☆11May 27, 2021Updated 4 years ago
• airman604 / amsi_bypassr

  View on GitHub
  AMSI bypass stager generator
  ☆29Feb 5, 2019Updated 7 years ago
• realparisi / WMI_Monitor

  View on GitHub
  Log newly created WMI consumers and processes to the Windows Application event log
  ☆124Feb 28, 2018Updated 8 years ago
• Kirtar22 / Litmus_Test

  View on GitHub
  Detecting ATT&CK techniques & tactics for Linux
  ☆257Oct 1, 2020Updated 5 years ago
• techspence / Locksmith

  View on GitHub
  A tool to identify and remediate common misconfigurations in Active Directory Certificate Services
  ☆18Jan 13, 2024Updated 2 years ago
• RandomRhythm / Rhythm-CB-Scripts

  View on GitHub
  Collection of scripts for use with Carbon Black Cb Response API
  ☆14May 7, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• MotiBa / AppLocker

  View on GitHub
  AppLocker hardening policies
  ☆26Jul 26, 2018Updated 7 years ago
• FuzzySecurity / Presentations

  View on GitHub
  A collection of my presentation materials.
  ☆17Apr 29, 2024Updated last year
• agreenjay / sysmon

  View on GitHub
  A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data
  ☆39Mar 23, 2020Updated 6 years ago
• makash / linux-container-security-docs

  View on GitHub
  A gitbook for doing a null Bangalore session on linux container security to discuss and teach namespaces, cgroups etc.
  ☆20Apr 27, 2017Updated 8 years ago
• limbenjamin / LogServiceCrash

  View on GitHub
  POC code to crash Windows Event Logger Service
  ☆27Oct 16, 2020Updated 5 years ago
• Loginsoft-LLC / threat-detection-rules

  View on GitHub
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Jul 27, 2022Updated 3 years ago
• oneoffdallas / check_ioc

  View on GitHub
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆79Dec 24, 2017Updated 8 years ago
• zacbrown / configs

  View on GitHub
  Zac's assorted config files
  ☆10Jan 11, 2017Updated 9 years ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆3,007Aug 21, 2024Updated last year
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• SCS-Labs / TheWatchList

  View on GitHub
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆16May 21, 2021Updated 4 years ago
• JPCERTCC / SysmonSearch

  View on GitHub
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆431Dec 22, 2023Updated 2 years ago
• chihebchebbi / Sentinel2Attack

  View on GitHub
  ☆14Mar 5, 2021Updated 5 years ago
• NdS-Research-Facilities / QRadar-ruleset

  View on GitHub
  QRadar Export the rule set for printing
  ☆23Oct 23, 2017Updated 8 years ago
• MarkBaggett / domain_stats2

  View on GitHub
  ☆14Feb 8, 2020Updated 6 years ago
• sumeshi / evtx2es

  View on GitHub
  A fast library for parsing and importing Windows Event Logs into Elasticsearch.
  ☆86Mar 30, 2026Updated last week
• OTRF / SimuLand

  View on GitHub
  Cloud Templates and scripts to deploy mordor environments
  ☆129Mar 3, 2021Updated 5 years ago