Alternatives and similar repositories for WinTools:

Users that are interested in WinTools are comparing it to the libraries listed below

• jdu2600 / Windows10EtwEvents
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆295Updated last year
• kobykahane / NpEtw
  Named pipe I/O ETW provider for Windows
  ☆70Updated 4 years ago
• repnz / etw-providers-docs
  Document ETW providers
  ☆230Updated 5 years ago
• pathtofile / PPLRunner
  Run Processes as PPL with ELAM
  ☆161Updated 3 years ago
• zodiacon / ApiSetView
  API Set Viewer
  ☆89Updated 3 months ago
• zodiacon / EtwExplorer
  View ETW Provider manifest
  ☆482Updated 6 months ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆138Updated 4 years ago
• pathtofile / Sealighter
  Sysmon-Like research tool for ETW
  ☆352Updated 2 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆73Updated 4 months ago
• vagnerpilar / windbgtree
  A command tree based on commands and extensions for Windows Kernel Debugging.
  ☆108Updated 4 years ago
• zodiacon / DotNextSP2019
  DotNext 2019 St. Petersburg Talk Demos
  ☆40Updated 5 years ago
• lowleveldesign / comon
  A WinDbg extension to trace COM interactions
  ☆114Updated last year
• libyal / winreg-kb
  Windows Registry Knowledge Base
  ☆173Updated 6 months ago
• ionescu007 / wnfun
  WNF Utilities 4 Newbies (WNFUN)
  ☆94Updated 6 years ago
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 4 years ago
• zodiacon / BITSManager
  BITS Transfers Manager
  ☆41Updated last month
• MathildeVenault / SysMainView
  This tool is the result of a reverse engineering process of the Windows service called SysMain. Time to interact with the prefetch files …
  ☆31Updated 4 years ago
• EricZimmerman / Lnk
  Lnk file parser
  ☆86Updated 3 months ago
• zodiacon / sysrun
  Run any executable as SYSTEM account (no service required)
  ☆129Updated 11 months ago
• zodiacon / TotalPE2
  PE Viewer
  ☆179Updated 3 months ago
• hfiref0x / SXSEXP
  Expand compressed files from WinSxS folder
  ☆158Updated 10 months ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆140Updated 6 years ago
• zodiacon / syllabi
  ☆61Updated last year
• palantir / exploitguard
  Documentation and supporting script sample for Windows Exploit Guard
  ☆156Updated 3 years ago
• hfiref0x / AuthHashCalc
  Authenticode Hash Calculator for PE32/PE32+ files
  ☆111Updated last year
• yardenshafir / InformationClasses
  Documenting system information classes and their uses
  ☆50Updated 3 years ago
• Biswa96 / TraceEvent
  Trace events in real time sessions
  ☆45Updated last year
• SouhailHammou / Drivers
  Windows Drivers
  ☆97Updated 6 years ago
• Cyb3rWard0g / WinRpcFunctions
  ☆67Updated 2 years ago
• msuiche / LiveCloudKd
  Hyper-V Research is trendy now
  ☆178Updated last year