sysinternals
There are 41 repositories under sysinternals topic.
SwiftOnSecurity/sysmon-config
Sysmon configuration file template with default high-quality event tracing
Sysinternals/ProcDump-for-Linux
A Linux version of the ProcDump Sysinternals tool
nshalabi/SysmonTools
Utilities for Sysmon
ion-storm/sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
diogo-fernan/ir-rescue
A Windows Batch script and a Unix Bash script to comprehensively collect host forensic data during incident response.
Tulpep/SDelete-Gui
Secure delete files with right click. GUI for Sysinternals SDelete tool
arizvisa/windows-binary-tools
Various tools besides Msys2 that I've found useful to have available on windows. Create an issue if you have anything you want to add, want some binaries updated, or you think that some of them should be moved or re-moved.
AlexanderPro/AwesomeWallpaper
AwesomeWallpaper plays videos, shows images and system info on your desktop wallpaper
memoryforensics1/Vol3xp
Volatility Explorer Suit
alal4465/KernelMon
A ProcMon-esque tool for monitoring Windows Kernel Drivers
cristeigabriel/re-sysinternals-suite
Code from process of reversing Sysinternals Suite for educational purposes, with videos to associate them
niheaven/scoop-sysinternals
Scoop bucket for Sysinternals
matheus-1618/Atreus
Anti-Ransomware to mitigate and neutralize Ryuk Threat.
lowleveldesign/send2procmon
A command line tool that sends its input data to a running procmon instance.
SecurityJosh/MuteSysmon
A PowerShell script to prevent Sysmon from writing its events
belowaverage-org/SuperBGInfo
A re-creation of SysInternals BGInfo that doesn't touch the desktop wallpaper.
AlSch092/DetectOpenHandles
Code example of detecting open process handles to our process (C/C++, Windows)
abhishekgoenka/tools-and-utilities
This repository contains tools and utilities used for developer
AlSch092/APC-PE-Injector
APC Injection is a code injection technique which bypasses TLS callback protections (Windows OS)
benwa/BgInfo-Helper
Quality of life improvements for Sysinternal's BgInfo
blazcode/BgAssist
Small footprint executable triggering desktop background refreshes, helping to improve user experience and accessibility in VDI environments.
Nick-C/Sysmon-Installer
A Sysmon Install script using the Powershell Application Deployment Toolkit
sous-chefs/sysinternals
Development repository for the sysinternals cookbook
1Dimitri/WixsharpSysmon
Wixsharp based installed MSI for Sysmon and rules from the SwiftOnSecurity project
AlSch092/PEBSpoofer
Example in C of changing the current process PEB's address at runtime
debilsyka/ProcMonDebugOutput
See Your Trace Statements in Process Monitor!
Starli0n/Seraph
Frontend for Handle viewer of Windows Sysinternals
chalvorson/sysmon-config
Sysmon configuration file template from SwiftOnSecurity with a few PRs merged and install/updates scripts from threathunting.
cj13579/open-whois
A python whois client that is intended to be a drop-in upgrade to the Windows sysinternals whois client with support for significantly more WHOIS formats and domains.
ezlage/ZAD
A set of scripts developed with the aim of facilitating the deployment and updating of Zabbix Agents in large environments.
githubfoam/choco_githubactions
chocolatey baseline packages
mark-kubacki/go.runtime
Gets you the available thread count, without caching; handy for systems and hot-plugging cpus; merged into Docker.
vurdalakov/regjumpsharp
A C# remake of RegJump by SysInternals
d0ggie/SysinternalsNow
Sysinternals Now is an utility to fetch Sysinternals utilities.
asheroto/Registry-Jumper
Chrome/Edge/Brave extension to open any selected Windows Registry path in Regedit using Sysinternals RegJump
Psmths/ingest-procmon
Python script to index SysInternals procmon CSV exports into elasticsearch