trustedsec / tscopy
☆90Updated 2 years ago
Alternatives and similar repositories for tscopy:
Users that are interested in tscopy are comparing it to the libraries listed below
- Detect possible sysmon logging bypasses given a specific configuration☆108Updated 6 years ago
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆51Updated last year
- A repository that maps API calls to Sysmon Event ID's.☆118Updated 2 years ago
- ☆92Updated 2 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆102Updated 7 years ago
- Carbon Black Response IR tool☆53Updated 4 years ago
- AdHoc solutions☆48Updated last year
- ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabili…☆172Updated 6 months ago
- Userland API monitor for threat hunting☆58Updated 5 years ago
- ☆44Updated last year
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆85Updated 9 months ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- Powershell Event Tracing Toolbox☆75Updated 3 years ago
- ☆47Updated 5 years ago
- Evtx Log (xml) Browser☆56Updated 2 years ago
- A collection of various tools for red-teaming exercises. A mix of C#, Powershell, & Python☆106Updated 8 months ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆102Updated 2 years ago
- isodump - ISO dump utility☆40Updated 5 years ago
- $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility☆36Updated 8 months ago
- IcedID Decryption Tool☆28Updated 3 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆76Updated last year
- ☆34Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- Extract BITS jobs from QMGR queue and store them as CSV records☆75Updated last month
- ☆38Updated 3 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- Parses the WMI object database....looking for persistence☆31Updated 5 years ago
- Registry permission scanner written in C# for finding potential privesc avenues within registry☆85Updated 4 years ago