CyberPoint/Ruxcon2016ETW external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

CyberPoint/Ruxcon2016ETW

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/CyberPoint/Ruxcon2016ETW)

Close

CyberPoint / Ruxcon2016ETWView on GitHubMore

• External links
• Readme badge

Ruxcon2016 POC Code

☆141Nov 21, 2016Updated 9 years ago

Alternatives and similar repositories for Ruxcon2016ETW

Users that are interested in Ruxcon2016ETW are comparing it to the libraries listed below

• microsoft / krabsetw

  View on GitHub
  KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
  ☆753Dec 15, 2025Updated 2 months ago
• packetzero / etwrealtime

  View on GitHub
  Example of real-time Windows ETW packet capture session
  ☆54Jul 12, 2017Updated 8 years ago
• hasherezade / challs

  View on GitHub
  My solutions for random crackmes and other challenges
  ☆12Dec 23, 2019Updated 6 years ago
• CyberPoint / ETWKeyLogger_PSE

  View on GitHub
  PowerShell Empire module for logging USB keystrokes via ETW
  ☆32Nov 11, 2016Updated 9 years ago
• int0 / ltmdm64_poc

  View on GitHub
  ☆30May 23, 2017Updated 8 years ago
• ihamburglar / dotnetover.net

  View on GitHub
  https://jimshaver.net/2018/02/22/net-over-net-breaking-the-boundaries-of-the-net-framework/
  ☆19Feb 23, 2018Updated 8 years ago
• tandasat / cs_driver

  View on GitHub
  A sample project for using Capstone from a driver in Visual Studio 2015
  ☆36May 4, 2016Updated 9 years ago
• RISCYBusiness / Jadoube

  View on GitHub
  ☆22Jul 7, 2017Updated 8 years ago
• HuskyHacks / RustyTokenManipulation

  View on GitHub
  just manipulatin these here tokens yes sir nothing weird
  ☆22Apr 18, 2022Updated 3 years ago
• brock7 / winpooch

  View on GitHub
  ☆10Mar 30, 2016Updated 9 years ago
• hcyang1012 / SecurityMonitor

  View on GitHub
  ☆12Feb 19, 2017Updated 9 years ago
• russellklenk / ETW

  View on GitHub
  Event Tracing for Windows Custom Events
  ☆21Jan 28, 2015Updated 11 years ago
• IgorKorkin / AllMemPro

  View on GitHub
  AllMemPro
  ☆46Jan 15, 2018Updated 8 years ago
• yaniswang / dHosts

  View on GitHub
  ☆13Jun 20, 2013Updated 12 years ago
• goldshtn / etrace

  View on GitHub
  Command-line tool for ETW tracing on files and real-time events
  ☆148Feb 27, 2019Updated 7 years ago
• chango77747 / ShellCodeInjector_MsBuild

  View on GitHub
  ☆18Jan 27, 2018Updated 8 years ago
• int0 / pinlog

  View on GitHub
  API logger plugin for Intel Pintool
  ☆14Nov 19, 2017Updated 8 years ago
• pathtofile / Sealighter

  View on GitHub
  Sysmon-Like research tool for ETW
  ☆384Nov 15, 2022Updated 3 years ago
• pathtofile / SealighterTI

  View on GitHub
  Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
  ☆197Dec 6, 2022Updated 3 years ago
• ionescu007 / HookingNirvana

  View on GitHub
  Recon 2015 Presentation from Alex Ionescu
  ☆250Jan 27, 2016Updated 10 years ago
• endgameinc / ClrGuard

  View on GitHub
  ☆220Apr 2, 2018Updated 7 years ago
• MagnetForensics / SwishDbgExt

  View on GitHub
  Incident Response & Digital Forensics Debugging Extension
  ☆389Dec 11, 2018Updated 7 years ago
• zodiacon / EtwExplorer

  View on GitHub
  View ETW Provider manifest
  ☆574Nov 1, 2024Updated last year
• gabriellandau / ShadowStackWalk

  View on GitHub
  Finding Truth in the Shadows
  ☆123Jan 26, 2023Updated 3 years ago
• legiar / diskcryptor

  View on GitHub
  DiskCryptor - it's a free solution that allows you to encrypt disk partitions, including system partition.
  ☆17Dec 7, 2011Updated 14 years ago
• eyalfishler / CrystalCPUID

  View on GitHub
  use crystalCPUID to identify vt-x & amd-v
  ☆17Apr 8, 2015Updated 10 years ago
• 0x3a / tools

  View on GitHub
  A collection of tools mostly written in Python.
  ☆15Feb 4, 2015Updated 11 years ago
• sogeti-esec-lab / LKD

  View on GitHub
  Local Kernel Debugger (LKD) is a python wrapper around dbgengine.dll
  ☆92Aug 22, 2016Updated 9 years ago
• secrary / Hooking-via-InstrumentationCallback

  View on GitHub
  codes for my blog post: https://secrary.com/Random/InstrumentationCallback/
  ☆183Nov 30, 2017Updated 8 years ago
• n3k / EKOParty2015_Windows_SMEP_Bypass

  View on GitHub
  Windows SMEP Bypass U=S
  ☆38Apr 8, 2016Updated 9 years ago
• tandasat / ListWorkItems

  View on GitHub
  Lists work items being queued currently.
  ☆14Jun 7, 2015Updated 10 years ago
• Eva1216 / IPC

  View on GitHub
  Intel-Process communitation
  ☆10Feb 27, 2017Updated 9 years ago
• JLospinoso / gargoyle

  View on GitHub
  A memory scanning evasion technique
  ☆899May 24, 2017Updated 8 years ago
• WalkingCat / ExpDiff

  View on GitHub
  Diff tool for comparing export tables in PE images
  ☆24Mar 4, 2020Updated 5 years ago
• LetUsFsck / PoC-Exploit-Mirror

  View on GitHub
  Archive Mirror for recently republished PoC/Exploit code
  ☆20Nov 26, 2017Updated 8 years ago
• mandiant / SilkETW

  View on GitHub
  ☆825Jun 1, 2023Updated 2 years ago
• Genetic-Malware / Ebowla

  View on GitHub
  Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)
  ☆760Jan 28, 2019Updated 7 years ago
• wbenny / EtwConsumerNT

  View on GitHub
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆146Feb 23, 2019Updated 7 years ago
• jdu2600 / Windows10EtwEvents

  View on GitHub
  Events from all manifest-based and mof-based ETW providers across Windows 10 versions
  ☆329May 2, 2024Updated last year