WMI Monitor
Monitor WMI consumers and processes, detecting potential malicious activity. This PowerShell script monitors WMI consumers and processes, detecting potential malicious activity. **Usage:** 1. Run PowerShell as administrator. 2. Import the WMIMonitor.ps1 module. 3. Create a new event subscriber. 4. Test the process call create function. 5. Check the Application Event log for EID 8. **Disable logging:** 1. Open an Administrator PS shell. 2. Run Remove-SubscriberMonitor. 3. Confirm the event subscriber and all associated WMI objects have been successfully removed.
FEATURES
ALTERNATIVES
A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.
A tool for monitoring and managing device compliance and security across multiple platforms
A single cybersecurity platform that provides holistic security management, prevention, detection, and response capabilities powered by AI and threat intelligence, designed to simplify and converge security operations in diverse hybrid IT environments.
A Python library for loading and executing Beacon Object Files (BOFs) in-memory.
Microsoft Defender for Endpoint is a comprehensive endpoint security solution that provides industry-leading, multi-platform detection and response capabilities.
A library to access and parse the Microsoft Internet Explorer Cache File format.
A modern tool for Windows kernel exploration and observability with a focus on security.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.