secprentice/PowerShellWatchlist external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

secprentice/PowerShellWatchlist

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/secprentice/PowerShellWatchlist)

Close

secprentice / PowerShellWatchlistView on GitHubMore

• External links
• Readme badge

List of PowerShell commands and commandlets that should be in your Powershel watchlist

☆39Jul 22, 2021Updated 4 years ago

Alternatives and similar repositories for PowerShellWatchlist

Users that are interested in PowerShellWatchlist are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• MISP / yara-misp

  View on GitHub
  Export MISP attributes in Yara
  ☆12Sep 15, 2017Updated 8 years ago
• piesecurity / WindowsEventsToCSVTimeline

  View on GitHub
  Simple Powershell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline.
  ☆32Oct 13, 2018Updated 7 years ago
• tasox / LogRM

  View on GitHub
  LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network
  ☆74Jul 9, 2019Updated 6 years ago
• binaryAccess / highway_to_hell

  View on GitHub
  Pwnage
  ☆17Jul 1, 2025Updated 10 months ago
• IBM / integrating-rpa-and-qradar-automate-security-activities

  View on GitHub
  Integrate IBM QRadar and RPA to automate security L1 tasks.
  ☆14May 20, 2022Updated 3 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• Xh4H / tfsc

  View on GitHub
  Automated tool to find backup files that may disclose a website's source code
  ☆20Oct 13, 2022Updated 3 years ago
• jonny-jhnson / Windows-API-To-Sysmon-Events

  View on GitHub
  A repository that maps API calls to Sysmon Event ID's.
  ☆121Nov 14, 2022Updated 3 years ago
• simeononsecurity / Windows-Defender-STIG-Script

  View on GitHub
  Automate Windows Defender STIG to 100% Compliance
  ☆19Jul 26, 2024Updated last year
• securethelogs / Bluechecker

  View on GitHub
  Audit Powershell and search from known keywords in history #Blueteam
  ☆25Apr 22, 2020Updated 6 years ago
• mtth-bfft / evtq

  View on GitHub
  Windows eventlog formatting, live fetching and querying utility in C
  ☆20May 26, 2020Updated 5 years ago
• cno-io / bh_aws

  View on GitHub
  Materials for AWS Training
  ☆15Jul 21, 2021Updated 4 years ago
• Th1ru-M / Windows-Threat-Hunting

  View on GitHub
  Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
  ☆22Dec 8, 2024Updated last year
• shr3ddersec / ThreatHunting

  View on GitHub
  Reference sheet for Threat Hunting Professional Course
  ☆26Mar 10, 2019Updated 7 years ago
• noraj / Atmail-exploit-toolchain

  View on GitHub
  AtMail Email Server Appliance 6.4 - Exploit toolchain (XSS > CSRF > RCE)
  ☆11Dec 8, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• sans-blue-team / sec555-wiki

  View on GitHub
  ☆77Jun 25, 2019Updated 6 years ago
• RandomRhythm / Vendor-Threat-Triage-Lookup

  View on GitHub
  Lookup file hashes, domain names and IP addresses using various vendors to assist with triaging potential threats.
  ☆29Feb 15, 2026Updated 2 months ago
• RandomRhythm / mal2csv

  View on GitHub
  Malformed Access Log to CSV - Convert Web Server Access Logs to CSV
  ☆18Sep 3, 2024Updated last year
• gnebbia / av_evasion

  View on GitHub
  ☆11May 27, 2021Updated 4 years ago
• airman604 / amsi_bypassr

  View on GitHub
  AMSI bypass stager generator
  ☆29Feb 5, 2019Updated 7 years ago
• realparisi / WMI_Monitor

  View on GitHub
  Log newly created WMI consumers and processes to the Windows Application event log
  ☆124Feb 28, 2018Updated 8 years ago
• Kirtar22 / Litmus_Test

  View on GitHub
  Detecting ATT&CK techniques & tactics for Linux
  ☆257Oct 1, 2020Updated 5 years ago
• techspence / Locksmith

  View on GitHub
  A tool to identify and remediate common misconfigurations in Active Directory Certificate Services
  ☆18Jan 13, 2024Updated 2 years ago
• RandomRhythm / Rhythm-CB-Scripts

  View on GitHub
  Collection of scripts for use with Carbon Black Cb Response API
  ☆14May 7, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• kurtfalde / DNS-Debug

  View on GitHub
  Script to enabled DNS Debug Logging across Domain Controllers in a Forest and then retrieve for analysis
  ☆14May 27, 2016Updated 9 years ago
• MotiBa / AppLocker

  View on GitHub
  AppLocker hardening policies
  ☆26Jul 26, 2018Updated 7 years ago
• makash / linux-container-security-docs

  View on GitHub
  A gitbook for doing a null Bangalore session on linux container security to discuss and teach namespaces, cgroups etc.
  ☆20Apr 27, 2017Updated 9 years ago
• limbenjamin / LogServiceCrash

  View on GitHub
  POC code to crash Windows Event Logger Service
  ☆27Oct 16, 2020Updated 5 years ago
• Loginsoft-LLC / threat-detection-rules

  View on GitHub
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Jul 27, 2022Updated 3 years ago
• oneoffdallas / check_ioc

  View on GitHub
  Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …
  ☆79Dec 24, 2017Updated 8 years ago
• zacbrown / configs

  View on GitHub
  Zac's assorted config files
  ☆10Jan 11, 2017Updated 9 years ago
• cobbr / InsecurePowerShell

  View on GitHub
  InsecurePowerShell is PowerShell with some security features removed.
  ☆105Dec 19, 2017Updated 8 years ago
• olafhartong / sysmon-modular

  View on GitHub
  A repository of sysmon configuration modules
  ☆3,029Aug 21, 2024Updated last year
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• microsoft / purview

  View on GitHub
  ☆30Apr 18, 2026Updated last week
• SCS-Labs / TheWatchList

  View on GitHub
  Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
  ☆16May 21, 2021Updated 4 years ago
• JPCERTCC / SysmonSearch

  View on GitHub
  Investigate suspicious activity by visualizing Sysmon's event log
  ☆431Dec 22, 2023Updated 2 years ago
• chihebchebbi / Sentinel2Attack

  View on GitHub
  ☆14Mar 5, 2021Updated 5 years ago
• NdS-Research-Facilities / QRadar-ruleset

  View on GitHub
  QRadar Export the rule set for printing
  ☆23Oct 23, 2017Updated 8 years ago
• tuian / subTee-gits-backups

  View on GitHub
  subTee gists code backups
  ☆37Dec 19, 2017Updated 8 years ago
• MarkBaggett / domain_stats2

  View on GitHub
  ☆14Feb 8, 2020Updated 6 years ago