ntTraceControl — Powershell Event Tracing Toolbox
Want to simulate any ETW logs using powershell, even the security one?
Do you want to import any evtx files into the current eventlog session?
ntTraceControl is a set of Powershell commands to forge/generate Windows logs. Simply put, ntTraceControl supports Detection teams by simplifying the testing of detection use cases and alerts without using complex infrastructure, tools, or the testing of vulnerabilities.
https://github.com/airbus-cert/ntTraceControl
#etw #simulate #powershell #redteam #blueteam
Want to simulate any ETW logs using powershell, even the security one?
Do you want to import any evtx files into the current eventlog session?
ntTraceControl is a set of Powershell commands to forge/generate Windows logs. Simply put, ntTraceControl supports Detection teams by simplifying the testing of detection use cases and alerts without using complex infrastructure, tools, or the testing of vulnerabilities.
https://github.com/airbus-cert/ntTraceControl
#etw #simulate #powershell #redteam #blueteam