Siemens-Healthineers / ETWAnalyzerView external linksLinks
Command line tool to analyze one/many ETW file/s with simple queries for common issues.
☆127Jan 26, 2026Updated 3 weeks ago
Alternatives and similar repositories for ETWAnalyzer
Users that are interested in ETWAnalyzer are comparing it to the libraries listed below
Sorting:
- ☆48Sep 24, 2025Updated 4 months ago
- Tool and library to convert ETW logs to JSON files☆91Sep 23, 2022Updated 3 years ago
- DTrace for Windows in userspace; Frontend to ETW☆27Oct 4, 2022Updated 3 years ago
- WMI Activity and Query Monitoring☆35Dec 14, 2022Updated 3 years ago
- Document ETW providers☆267Mar 28, 2020Updated 5 years ago
- ETW logging via C++☆21Nov 8, 2019Updated 6 years ago
- Monitors ETW for security relevant syscalls maintaining the set called by each unique process☆87May 17, 2023Updated 2 years ago
- Various Windows Performance files, scripts, settings and documents☆39Aug 19, 2025Updated 5 months ago
- This is a repo for small, useful scripts and extensions☆258Jun 1, 2023Updated 2 years ago
- .NET library for logging data via EventSource/ETW☆88Nov 28, 2022Updated 3 years ago
- Sampling profiler for native applications on Windows, based on ETW☆75Jul 25, 2025Updated 6 months ago
- User interface for recording and managing ETW traces☆1,647May 28, 2025Updated 8 months ago
- ☆17Jun 30, 2020Updated 5 years ago
- Cheat Engine alternative written in Rust☆12Nov 15, 2022Updated 3 years ago
- This is a ring -1 header framework in order to simplify the creation of hypervisors on SVM☆28Nov 6, 2023Updated 2 years ago
- ☆14May 9, 2017Updated 8 years ago
- ProcessHollowing via csharp☆13Dec 21, 2021Updated 4 years ago
- Console application that creates an HTML report from a Windows user-mode dump file, using WinDBG or CDB debuggers. Although it's been mai…☆54Jun 1, 2025Updated 8 months ago
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆329May 2, 2024Updated last year
- Host of debugging-related extensions such as post-mortem tools or WinDBG extensions☆219Nov 27, 2021Updated 4 years ago
- ☆12Jan 21, 2019Updated 7 years ago
- Various short scripts and tools used for Digital Forensics☆14Apr 13, 2025Updated 10 months ago
- Simple tool to add imports recovered by VMSweeper (by Vamit) to VMProtect dump file☆14Jun 27, 2017Updated 8 years ago
- Windows Registry☆35Jul 14, 2025Updated 7 months ago
- Tool to extract contents from the memory of Windows systems.☆13Jul 4, 2023Updated 2 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆17Jun 29, 2024Updated last year
- A pure PowerShell/ .NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis.☆14Oct 21, 2021Updated 4 years ago
- Portable Executable parsing library, used by PEExplorer. Also available as a nuget package☆36Jan 11, 2018Updated 8 years ago
- KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.��☆750Dec 15, 2025Updated 2 months ago
- Java JNA wrapper for Parsec SDK☆14Mar 30, 2020Updated 5 years ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging☆15Sep 21, 2019Updated 6 years ago
- ☆17Feb 23, 2023Updated 2 years ago
- This repo contains miscellaneous tools to aid in your malware analysis.☆13Mar 2, 2021Updated 4 years ago
- Simplifier vmp ultra☆19Dec 9, 2023Updated 2 years ago
- DENUVO v1-v2 Virtual Machine profiling tool and Electronic Arts Origin decoder☆52Sep 12, 2025Updated 5 months ago
- HIDer allows you to manage HidGuardian in order to hide chosen controllers from being seen by games/applications.☆17Feb 16, 2018Updated 8 years ago
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Aug 11, 2023Updated 2 years ago
- 内核crash分析☆22Oct 5, 2023Updated 2 years ago
- ☆18Mar 28, 2023Updated 2 years ago