  • Stars: 584
  • Rank: 76,554 (Top 2 %)
  • Language: C++
  • Created: over 6 years ago
  • Updated: about 6 years ago


Repository Details


EventCleaner

A tool mainly to erase specified records from Windows event logs, with additional functionalities.

EventCleaner suspend

Suspends the logging threads of the Windows event log service; after this, no logs are recorded.
Pauses the logging threads and stops log recording.

EventCleaner normal

Resumes the logging threads of the Windows event log service.
Restores the logging threads.

EventCleaner closehandle

Frees the handle that the Windows event log service holds exclusively on security.evtx,
so that we can manipulate the file.
Releases the file lock on security.evtx.

EventCleaner 100

Removes the log record with ID 100.
Deletes the log entry whose event record ID is 100.

How to use:

  1. EventCleaner closehandle
  2. EventCleaner 100
  3. EventCleaner suspend
  4. do anything without worrying about logs
  5. EventCleaner normal
  6. delete EventCleaner

by pr0mise @ 360 A-TEAM

Thanks for the help from darkray & Drknight



More Repositories

  1. BrowserGhost (C#, 1,380 stars): A tool for grabbing browser passwords; more features will be added later.
  2. LuWu (Python, 843 stars): Red team infrastructure automated deployment tool.
  3. WeblogicEnvironment (Shell, 766 stars): Weblogic environment setup tool.
  4. sharpwmi (C#, 707 stars): sharpwmi is an RPC-based lateral movement tool with file upload and command execution capabilities.
  5. CobaltStrike-Toolset (PowerShell, 518 stars): Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on.
  6. EventLogMaster (PowerShell, 358 stars): Cobalt Strike plugin for RDP log forensics and cleanup.
  7. ptrace (C, 236 stars): a PoC for Linux to get around agents that log commands being executed, without root privilege. Obfuscates the program name and arguments of a low-privilege Linux process to evade command logging based on execve system call monitoring.
  8. PandaSniper (C#, 219 stars): Linux C2 framework demo, the product of a two-week "hacker programming marathon" that went from learning the language to implementing a demo.
  9. HideShell (Java, 213 stars): A JSP backdoor that enables hiding arbitrary JSP files under Tomcat, in addition to their access logs.
  10. redis_lua_exploit (Python, 145 stars)
  11. NtlmSocks (Go, 107 stars): a pass-the-hash tool.
  12. SerialWriter (Java, 101 stars): SerialWriter is an incomplete implementation of Java serialization for study of Java deserialization vulnerabilities.
  13. ptyshell (C, 100 stars): A reverse PTY shell in C.
  14. openssh-7.6p1-patch (C, 81 stars): a patched sshd for red team activities.
  15. getpass (C++, 76 stars): a mini tool to dump passwords and NTLM hashes from WDigest, MSV1_0 and tspkg, as a result of studying mimikatz.
  16. dcpwn (Python, 72 stars): an impacket-dependent script exploiting CVE-2019-1040.
  17. mscache (Python, 67 stars): a tool to manipulate DCC (domain cached credentials) in the Windows registry, based mainly on the work of mimikatz and impacket.
  18. KerberosUserEnum (Python, 43 stars): Kerberos account enumeration taking advantage of AS-REQ.
  19. Papers (34 stars): Papers.
  20. CVE-2018-20250 (Python, 25 stars): 010 Editor template for the ACE archive format & CVE-2018-2025[0-3].
  21. sunburst_decoder (C#, 11 stars): SUNBURST DGA decoder.
  22. cisco_ppc_rsp (Python, 10 stars): A debugger in Python for Cisco c3560.