Command line tool to analyze one or many ETW files with simple queries for common issues.
☆136 · Mar 6, 2026 · Updated 2 months ago
Alternatives and similar repositories for ETWAnalyzer
Users that are interested in ETWAnalyzer are comparing it to the libraries listed below.
- ☆49 · Mar 7, 2026 · Updated 2 months ago
- Sample code demonstrating use cases of the Microsoft.Windows.EventTracing NuGet package. ☆52 · Sep 8, 2025 · Updated 8 months ago
- WMI Activity and Query Monitoring ☆37 · Dec 14, 2022 · Updated 3 years ago
- Tool and library to convert ETW logs to JSON files ☆93 · Sep 23, 2022 · Updated 3 years ago
- DTrace for Windows in userspace; Frontend to ETW ☆27 · Oct 4, 2022 · Updated 3 years ago
- Document ETW providers ☆297 · Mar 28, 2020 · Updated 6 years ago
- Various Windows Performance files, scripts, settings and documents ☆39 · Aug 19, 2025 · Updated 8 months ago
- ProcessHollowing via csharp ☆13 · Dec 21, 2021 · Updated 4 years ago
- CPU Stress v3.0 ☆41 · Feb 5, 2024 · Updated 2 years ago
- User interface for recording and managing ETW traces ☆1,663 · May 28, 2025 · Updated 11 months ago
- Host of debugging-related extensions such as post-mortem tools or WinDBG extensions ☆220 · May 1, 2026 · Updated last week
- ETW logging via C++ ☆21 · Nov 8, 2019 · Updated 6 years ago
- Events from all manifest-based and MOF-based ETW providers across Windows 10 versions ☆333 · May 2, 2024 · Updated 2 years ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich ☆18 · Jun 29, 2024 · Updated last year
- This is a repo for small, useful scripts and extensions ☆260 · Jun 1, 2023 · Updated 2 years ago
- Reversing and reimplementing "powercfg /requests" using Native API ☆31 · Jul 25, 2024 · Updated last year
- .NET library for logging data via EventSource/ETW ☆88 · Nov 28, 2022 · Updated 3 years ago
- This repository includes the parsers necessary for Microsoft Network Monitor to parse etl logs generated by Packet Monitor (Pktmon). ☆23 · Aug 30, 2022 · Updated 3 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations. ☆37 · Sep 19, 2017 · Updated 8 years ago
- Example of building an application verifier DLL ☆51 · Jun 1, 2024 · Updated last year
- ☆13 · Jan 21, 2019 · Updated 7 years ago
- INF Studio for easier working with driver installation files ☆39 · Nov 11, 2023 · Updated 2 years ago
- Sample script to patch WinRE ☆10 · Feb 7, 2023 · Updated 3 years ago
- Process inject technique "Thread hijacking" via csharp ☆15 · Dec 18, 2021 · Updated 4 years ago
- KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions. ☆763 · Apr 14, 2026 · Updated 3 weeks ago
- PerfView is a CPU and memory performance-analysis tool ☆4,676 · Apr 24, 2026 · Updated 2 weeks ago
- Software Development Kit for the Microsoft Performance ToolKit ☆216 · Mar 9, 2026 · Updated 2 months ago
- A pure PowerShell/.NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis. ☆14 · Oct 21, 2021 · Updated 4 years ago
- Console application that creates an HTML report from a Windows user-mode dump file, using WinDBG or CDB debuggers. Although it's been mai… ☆55 · Jun 1, 2025 · Updated 11 months ago
- Trace events in real time sessions ☆47 · Aug 25, 2023 · Updated 2 years ago
- A GUI version of the classic PoolMon tool ☆123 · May 19, 2018 · Updated 7 years ago
- Lightweight CLI test runner for FsCheck ☆12 · Apr 24, 2020 · Updated 6 years ago
- Code analysis improvements and context actions ☆64 · Apr 27, 2026 · Updated last week
- Cross platform Windows PDB Reader for .NET Core to read windows pdb ☆18 · Mar 14, 2020 · Updated 6 years ago
- Build script for a basic MDT install ☆11 · Dec 7, 2015 · Updated 10 years ago
- Small tool to play with IOCs caused by Imageload events ☆44 · May 14, 2023 · Updated 2 years ago
- A language independent(!) PowerShell script to remove orphaned AdminCounts on User objects in AD and enable ACL inheritance. Repair User … ☆16 · Jul 17, 2025 · Updated 9 months ago
- Portable Executable parsing library, used by PEExplorer. Also available as a NuGet package ☆39 · Jan 11, 2018 · Updated 8 years ago
- A post-processing script for TinyTracer ☆39 · Mar 22, 2023 · Updated 3 years ago