Go library for ETW (Event Tracing for Windows) events processing
☆74Jul 13, 2022Updated 3 years ago
Alternatives and similar repositories for etw
Users that are interested in etw are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Windows Management Instrumentation (WMI) for Go☆14Aug 6, 2020Updated 5 years ago
- ☆45Sep 22, 2022Updated 3 years ago
- Go wrapper for querying windows version-information resource.☆24Apr 27, 2024Updated last year
- Transfer file over Dns☆10Nov 26, 2024Updated last year
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- easy dll proxying in go☆14Apr 24, 2022Updated 3 years ago
- Provides a multi-platform Graphical User Interface for hashlookup☆12Jul 12, 2024Updated last year
- Document ETW providers☆277Mar 28, 2020Updated 5 years ago
- GoSDDL converter☆11Apr 30, 2019Updated 6 years ago
- Golang package for parsing Windows shell link binary (lnk or Windows shortcut) files.☆39Dec 7, 2025Updated 3 months ago
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja☆11Jul 24, 2024Updated last year
- Run Processes as PPL with ELAM☆177Mar 17, 2022Updated 4 years ago
- Event Tracing For Windows (ETW) Resources☆421Oct 30, 2025Updated 4 months ago
- go-server 是一个用 Go 语言编写的简单而灵活的服务器框架,旨在帮助开发者快速构建基于 TCP 和 UDP 协议的 socket 网络服务。☆14Dec 8, 2025Updated 3 months ago
- A Golang API for TheHive☆13Sep 3, 2020Updated 5 years ago
- Golang wrappers functions to call Windows APIs☆83Aug 9, 2022Updated 3 years ago
- ☆50May 12, 2021Updated 4 years ago
- A parser for the MFT (Master File Table) format☆157Jan 3, 2026Updated 2 months ago
- Various shell code I have written☆17Oct 9, 2020Updated 5 years ago
- Reflective DLL injection Execution☆20Sep 9, 2022Updated 3 years ago
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL☆146Feb 23, 2019Updated 7 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆88Mar 11, 2026Updated 2 weeks ago
- APIs for generating STIX 2.1 and TAXII 2.1 messages with Go (Golang)☆59Nov 2, 2025Updated 4 months ago
- A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.☆28Dec 16, 2021Updated 4 years ago
- Process injection techniques written in Go.☆65Jul 1, 2023Updated 2 years ago
- geacon for apt profile☆21Aug 11, 2022Updated 3 years ago
- ☆13Dec 27, 2014Updated 11 years ago
- Dockerfiles for containerized osquery☆14May 23, 2017Updated 8 years ago
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆74Dec 10, 2021Updated 4 years ago
- Golang packer that use process hollowing☆19May 1, 2022Updated 3 years ago
- ☆13Apr 6, 2016Updated 9 years ago
- A pointer scanner for Windows written in Rust☆19Dec 18, 2025Updated 3 months ago
- A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM☆20Jul 19, 2025Updated 8 months ago
- Sigma Rules Engine inside the Linux Kernel using eBPF. Focusing on prevention capabilities☆88Updated this week
- Golang parser for OLE files☆33Dec 4, 2025Updated 3 months ago
- clean interface for the windows event log☆26Mar 15, 2026Updated last week
- Go library for manipulating ACLs on Windows☆129Feb 25, 2023Updated 3 years ago
- 基于golang实现的C/S架构agent,使用gRPC协议,实现执行远程命令就像在本地执行一样,能够保证命令一边执行,一边返回执行结果,支持远程shell与python命令执行,支持并发执行。☆24Jul 20, 2024Updated last year
- Local OXID Resolver (LCLOR) : Research and Tooling☆37May 19, 2021Updated 4 years ago