sysinternals

There are 14 repositories under sysinternals topic.

• SwiftOnSecurity / sysmon-config

  Sysmon configuration file template with default high-quality event tracing

  sysmonthreatintelthreat-huntingsysinternalswindowsnetsecmonitoringlogging
  4570

• Sysinternals / ProcDump-for-Linux

  A Linux version of the ProcDump Sysinternals tool

  debugging-toolclisysinternals
  Language:C 2872

• nshalabi / SysmonTools

  Utilities for Sysmon

  sysmonthreatintelsysinternalsthreat-huntingwindowsnetsecmonitoringloggingthreat-intelligence
  1446

• ion-storm / sysmon-config

  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

  sysmonthreatintelthreat-huntingnetsecsysinternalslogginggrayloggraylog-plugindfirthreat-intelligencethreat-sharingthreat-analysismitre-attackdigitalforensicsforensic-analysisforensicartifactsforensicssiemsigma-ruleshumio
  Language:PowerShell 749

• diogo-fernan / ir-rescue

  A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.

  cybersecurityincident-responsesysinternalsnirsoftwindowsunixbatchbashmalwareforensicsdfir
  Language:Batchfile 447

• Tulpep / SDelete-Gui

  Secure delete files with right click. GUI for Sysinternals SDelete tool

  c-sharpwindowssysinternals
  Language:C# 216

• arizvisa / windows-binary-tools

  Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them should be moved or re-moved.

  windowsbinariesadministration-toolsfirst-installsysinternals
  Language:C 125

• AlexanderPro / AwesomeWallpaper

  AwesomeWallpaper plays videos, shows images and system info on your desktop wallpaper

  wallpaperscreensaveranimationwindowswindows-10bginfosysinternalswallpapers
  Language:C# 103
• Vol3xp

  memoryforensics1 / Vol3xp

  Volatility Explorer Suit

  vol3xpvolexppluginmemoryvolatility-frameworkprocexpsysinternalsvolatility-sysinternalssysinternals-volatilityvolatilityexplorerprocess-hackerforensicsvolatility-mastervolatility-explorervolatilityprocess-explorervolatility-pluginsanalysismemory-dumpvolatility-plugin
  Language:Python 57

• alal4465 / KernelMon

  A ProcMon-esque tool for monitoring Windows Kernel Drivers

  windowskernelhypervisorhookingcppsysinternalswindowsinternalsmonitoring-tool
  Language:C++ 48

• cristeigabriel / re-sysinternals-suite

  Code from process of reversing Sysinternals Suite for educational purposes, with videos to associate them

  reverse-engineeringsysinternals
  Language:C++ 47

• niheaven / scoop-sysinternals

  Scoop bucket for Sysinternals

  scoopsysinternalsscoop-bucket
  Language:PowerShell 22

• matheus-1618 / Atreus

  Anti-Ransomware to mitigate and neutralize Ryuk Threat.

  antiransomwareryuk-ransomwaresecurity-toolspythonryuksysinternalswindowsransomware-detectionransomware-preventionmalware-analysis
  Language:Python 19

• SecurityJosh / MuteSysmon

  A PowerShell script to prevent Sysmon from writing its events

  netsecsysmonredteamblueteamsysinternals
  Language:PowerShell 15

• lowleveldesign / send2procmon

  A command line tool that sends its input data to a running procmon instance.

  procmonsysinternals
  Language:C# 14

• belowaverage-org / SuperBGInfo

  A re-creation of SysInternals BGInfo that doesn't touch the desktop wallpaper.

  bginfosysinternalsbackgroundinformation
  Language:C# 8

• abhishekgoenka / tools-and-utilities

  This repository contains tools and utilities used for developer

  sysinternalswindbgprocxpsymboletools
  6

• benwa / BgInfo-Helper

  Quality of life improvements for Sysinternal's BgInfo

  autohotkeysysinternalsbginfo
  Language:AutoHotkey 5

• Nick-C / Sysmon-Installer

  A Sysmon Install script using the Powershell Application Deployment Toolkit

  sysmonpowershell-scriptsysinternalswindowsnetseclogging
  Language:PowerShell 4

• sous-chefs / sysinternals

  Development repository for the sysinternals cookbook

  chefhacktoberfestchef-cookbooksysinternalschef-resourcemanaged-by-terraform
  Language:Ruby 4

• blazcode / BgAssist

  Small footprint executable triggering desktop background refreshes, helping to improve user experience and accessibility in VDI environments.

  bginfovdisysinternalscitrixvmware-horizonwindows-10
  Language:C# 3

• AlSch092 / PEBSpoofer

  Example in C of changing the current process PEB's address at runtime

  reverse-engineeringsysinternalswindows-pe
  Language:C++ 2

• Starli0n / Seraph

  Frontend for Handle viewer of Windows Sysinternals

  csharpsystemsysinternals
  Language:C# 2

• 1Dimitri / WixsharpSysmon

  Wixsharp based installed MSI for Sysmon and rules from the SwiftOnSecurity project

  wixsharpmsisysmonsysmon-configsysinternalssecurity-tools
  Language:C# 1

• cj13579 / open-whois

  A python whois client that is intended to be a drop-in upgrade to the Windows sysinternals whois client with support for significantly more WHOIS formats and domains.

  whoiswhois-clientsysinternalswindowspython
  Language:Python 1

• debilsyka / ProcMonDebugOutput

  See Your Trace Statements in Process Monitor!

  processmonitorprocmonsysinternals
  Language:Pascal 1
• go.runtime

  mark-kubacki / go.runtime

  Gets you the available thread count, without caching; handy for systems and hot-plugging cpus; merged into Docker.

  golangmulticorehotplugsysinternals
  Language:Go 1

• chalvorson / sysmon-config

  Sysmon configuration file template from SwiftOnSecurity with a few PRs merged and install/updates scripts from threathunting.

  sysmonsysinternalswindowslogging
  Language:Batchfile 0
• SysinternalsNow

  d0ggie / SysinternalsNow

  Sysinternals Now is an utility to fetch Sysinternals utilities.

  powershellsysinternalswindows
  Language:PowerShell 0

• ezlage / ZAD

  A set of scripts developed with the aim of facilitating the deployment and updating of Zabbix Agents in large environments.

  7-zip7zipagentautomationbatchfilecurldeployinstallmonitoringpowershellpsexecpsremotingpstoolsscriptsysinternalstarmauninstallupdatingwindowszabbix
  Language:Batchfile 0

• 1Dimitri / WixSharpSysInternals

  Wix# + SysInternals

  wixsharpsysinternalsmsi
  Language:C#

• githubfoam / choco_githubactions

  chocolatey baseline packages

  chocolateywindows2019windows2016sysinternalswindows2022
  Language:PowerShell

• githubfoam / powershell-sandbox

  powershell

  powershellmacoswindowsubuntupsscriptanalyzerpesterpsdeploypowershell-gallerysysinternalspowerclibardbingchatgpt
  Language:PowerShell

• Psmths / ingest-procmon

  Python script to index SysInternals procmon CSV exports into elasticsearch

  analysiselasticelasticsearchprocmonsysinternals
  Language:Python

• sadiqsonalkar / Forensic

  Computer forensic using autospy, wireshark, etc.

  cache-memorydata-acquisitionforensic-analysisforensics-investigationsftk-imagermonitoringnetwork-packetsnetwork-trackingpacket-analyserpacket-capturepacket-snifferprocess-managementsysinternalstcp-udpwireshark

• vurdalakov / regjumpsharp

  A C# remake of RegJump by SysInternals

  regjumpsysinternals
  Language:C#