Topic: etw
Something interesting about etw
etw,An IDA plugin to deal with Event Tracing for Windows (ETW)
Organization: airbus-cert
etw,Trace ScriptBlock execution for powershell v2
Organization: airbus-cert
etw,A Splunk Technology Add-on to forward filtered ETW events.
Organization: airbus-cert
etw,A wireshark plugin to instrument ETW
Organization: airbus-cert
etw,A simple example application to collect DNS queries logs using etw-api
User: asgarciap
etw,ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
User: damonmohammadbagher
etw,ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
User: damonmohammadbagher
etw,Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory, usable like an IPS/IDS and forensics tool
User: damonmohammadbagher
etw,Sampling profiler for native applications on Windows, based on ETW
User: donpedro13
etw,A code snippet that demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).
User: evilbytecode
etw,Two in one, patch lifetime powershell console, no more etw and amsi!
User: evilbytecode
etw,Event Tracing for Windows (ETW) File Activity Monitor, VB6/twinBASIC x64 port
User: fafalone
etw,Visual Studio Extension and tools to ease development using Event Tracing for Windows (ETW).
User: gix
etw,C/C++ Performance Profiler
Organization: google
Home Page: https://orbitprofiler.com/
etw,Make Etwhook Great Again! Make InfinityHook Great Again!
User: huoji120
Home Page: https://key08.com/
etw,Various Windows Performance files, scripts, settings and documents
User: itoleck
etw,My notes on software troubleshooting, covering debugging and tracing techniques and tools. Available at wtrace.net.
User: lowleveldesign
Home Page: https://wtrace.net/
etw,Collects network traces of .NET applications.
User: lowleveldesign
etw,Command line tracing tool for Windows, based on ETW.
User: lowleveldesign
etw,.NET Logging adaptors
Organization: microsoft
etw,TraceLogging events and tracing
Organization: microsoft
etw,NLog Target for Event Tracing for Windows (ETW)
Organization: nlog
etw,Logs key Windows process performance metrics. #nsacyber
Organization: nsacyber
etw,A small real time SyncML protocol Viewer
User: okieselbach
Home Page: https://oliverkieselbach.com/2019/10/11/windows-10-mdm-client-activity-monitoring-with-syncml-viewer
etw,Open Power Performance Analysis Tool
User: patinnc
Home Page: https://patinnc.github.io/
etw,This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing
User: processust
etw,Adversary tradecraft detection, protection, and hunting
User: rabbitstack
Home Page: https://www.fibratus.io
etw,An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.
User: scriptidiot
Home Page: https://github.com/ScriptIdiot/BOF-patchit
etw,Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
User: scriptidiot
etw,Command line tool to analyze one/many ETW file/s with simple queries for common issues.
Organization: siemens-healthineers
etw,An ETW EventSource Tracing Core built on .Net Standard 2.0
Organization: swisslife-oss
etw,An Event Tracing for Windows (ETW) EventSource generator built on .Net Core 2.0
Organization: swisslife-oss
etw,Splunk Technology Add-On (TA) for collecting ETW events from Windows systems
User: vector-sec
etw,Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
User: wbenny
etw,The world's most powerful System Activity Monitor Engine · A powerful endpoint behavior collection and defense development kit, intended to help endpoint security software such as EDR, zero trust, data security and audit control products implement their features quickly without worrying about the development, maintenance and compatibility of the underlying driver, so they can focus on business logic
User: wecooperate
Home Page: https://trustsing.com/iMonitorSDK
etw,List the ETW provider(s) in the registration table of a process.
User: whokilleddb
etw,Monitors Windows kernel events, based on ETW, developed in Rust. A replacement for procmon with more events and useful filters. Typically able to check for handle leaks over a few weeks.
User: wuanzhuan