jonny-jhnson/ETWInspector external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

jonny-jhnson/ETWInspector

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jonny-jhnson/ETWInspector)

Close

jonny-jhnson / ETWInspectorView on GitHubMore

• External links
• Readme badge

☆182Apr 24, 2025Updated 11 months ago

Alternatives and similar repositories for ETWInspector

Users that are interested in ETWInspector are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• jonny-jhnson / JonMon

  View on GitHub
  ☆253Jun 7, 2025Updated 9 months ago
• lap1nou / CLR_Heap_encryption

  View on GitHub
  ☆101Oct 7, 2023Updated 2 years ago
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆413Jan 11, 2026Updated 2 months ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆283Sep 18, 2024Updated last year
• Kharos102 / ReadWriteDriverSample

  View on GitHub
  ☆25Apr 28, 2024Updated last year
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• dsnezhkov / shutter

  View on GitHub
  ☆124May 12, 2021Updated 4 years ago
• jonny-jhnson / TelemetrySource

  View on GitHub
  ☆262May 9, 2024Updated last year
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆126Sep 1, 2024Updated last year
• outflanknl / edr-internals

  View on GitHub
  Tools for analyzing EDR agents
  ☆278Jun 10, 2024Updated last year
• YoavLevi / IAT-Tracer

  View on GitHub
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆125Jul 12, 2024Updated last year
• pathtofile / SealighterTI

  View on GitHub
  Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
  ☆198Dec 6, 2022Updated 3 years ago
• pathtofile / Sealighter

  View on GitHub
  Sysmon-Like research tool for ETW
  ☆387Nov 15, 2022Updated 3 years ago
• synacktiv / DLHell

  View on GitHub
  Local & remote Windows DLL Proxying
  ☆174Jun 17, 2024Updated last year
• jdu2600 / Etw-SyscallMonitor

  View on GitHub
  Monitors ETW for security relevant syscalls maintaining the set called by each unique process
  ☆89May 17, 2023Updated 2 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• leftp / BackupCreds

  View on GitHub
  A C# implementation of dumping credentials from Windows Credential Manager
  ☆62Sep 23, 2023Updated 2 years ago
• xforcered / BOFMask

  View on GitHub
  ☆128Jun 28, 2023Updated 2 years ago
• S3cur3Th1sSh1t / Ruy-Lopez

  View on GitHub
  ☆319Jun 28, 2023Updated 2 years ago
• passthehashbrowns / BOFMask

  View on GitHub
  ☆125Jun 28, 2023Updated 2 years ago
• cybersectroll / TrollDump

  View on GitHub
  ☆84May 19, 2024Updated last year
• binderlabs / DirCreate2System

  View on GitHub
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆362Dec 19, 2022Updated 3 years ago
• passthehashbrowns / VectoredExceptionHandling

  View on GitHub
  ☆108Aug 21, 2024Updated last year
• jdu2600 / EtwTi-FluctuationMonitor

  View on GitHub
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆172May 17, 2023Updated 2 years ago
• OffenseTeacher / Steganim

  View on GitHub
  ☆46Jun 21, 2023Updated 2 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ipSlav / DirtyCLR

  View on GitHub
  An App Domain Manager Injection DLL PoC on steroids
  ☆212Dec 14, 2023Updated 2 years ago
• floesen / KExecDD

  View on GitHub
  Admin to Kernel code execution using the KSecDD driver
  ☆264Apr 19, 2024Updated last year
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆374Apr 19, 2023Updated 2 years ago
• blackarrowsec / Handly

  View on GitHub
  Abuse leaked token handles.
  ☆136Dec 14, 2023Updated 2 years ago
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆687Oct 23, 2024Updated last year
• d419h / IconJector

  View on GitHub
  Inject DLLs into the explorer process using icons
  ☆407May 18, 2025Updated 10 months ago
• hackerhouse-opensource / SignToolEx

  View on GitHub
  Patching "signtool.exe" to accept expired certificates for code-signing.
  ☆342Feb 2, 2026Updated last month
• 0xsp-SRD / MDE_Enum

  View on GitHub
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆211Jun 10, 2024Updated last year
• DebugPrivilege / InsightEngineering

  View on GitHub
  Hardcore Debugging
  ☆938Jan 6, 2026Updated 2 months ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• Cracked5pider / LdrLibraryEx

  View on GitHub
  A small x64 library to load dll's into memory.
  ☆459Nov 6, 2023Updated 2 years ago
• thefLink / Hunt-Sleeping-Beacons

  View on GitHub
  Aims to identify sleeping beacons
  ☆664Jan 25, 2026Updated 2 months ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆234Oct 18, 2022Updated 3 years ago
• janoglezcampos / llvm-yx-callobfuscator

  View on GitHub
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆324Jan 17, 2024Updated 2 years ago
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆263Jun 29, 2024Updated last year
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆258May 10, 2023Updated 2 years ago
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆810Sep 4, 2024Updated last year