trustedsec / tscopy
☆90Updated 2 years ago
Alternatives and similar repositories for tscopy:
Users that are interested in tscopy are comparing it to the libraries listed below
- Detect possible sysmon logging bypasses given a specific configuration☆108Updated 6 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆104Updated 7 years ago
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- A repository that maps API calls to Sysmon Event ID's.☆118Updated 2 years ago
- Evtx Log (xml) Browser☆56Updated 2 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆51Updated last year
- Manipulate timestamps on NTFS☆50Updated 10 years ago
- ☆146Updated 10 months ago
- ☆38Updated 3 years ago
- ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabili…☆173Updated 7 months ago
- ☆94Updated 2 years ago
- ☆44Updated last year
- PoC that manipulates Windows file times using SetFileTime() API☆60Updated 5 years ago
- AdHoc solutions☆48Updated last year
- Carbon Black Response IR tool☆53Updated 4 years ago
- Powershell Event Tracing Toolbox☆75Updated 3 years ago
- AV/EDR evasion via direct system calls.☆32Updated 4 years ago
- LLMNR/NBNS/mDNS Spoofing Detection Toolkit☆59Updated 3 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆165Updated 2 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆76Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- ☆34Updated 2 years ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆61Updated 4 months ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆106Updated 8 months ago
- This is a repository that is meant to hold detections for various process injection techniques.☆34Updated 5 years ago
- DLL Password Filter Implant with Exfiltration Capabilities☆136Updated 5 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆90Updated 3 years ago