lowleveldesign/wtrace external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

lowleveldesign/wtrace

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/lowleveldesign/wtrace)

Close

lowleveldesign / wtraceView on GitHubMore

• External links
• Readme badge

Command line tracing tool for Windows, based on ETW.

☆693Oct 15, 2025Updated 6 months ago

Alternatives and similar repositories for wtrace

Users that are interested in wtrace are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• lowleveldesign / send2procmon

  View on GitHub
  A command line tool that sends its input data to a running procmon instance.
  ☆16Feb 24, 2017Updated 9 years ago
• goldshtn / etrace

  View on GitHub
  Command-line tool for ETW tracing on files and real-time events
  ☆148Feb 27, 2019Updated 7 years ago
• microsoft / krabsetw

  View on GitHub
  KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
  ☆760Apr 14, 2026Updated 3 weeks ago
• microsoft / DbgShell

  View on GitHub
  A PowerShell front-end for the Windows debugger engine.
  ☆697Apr 3, 2024Updated 2 years ago
• marcusbotacin / BranchMonitoringProject

  View on GitHub
  A branch-monitor-based solution for process monitoring.
  ☆138Feb 9, 2020Updated 6 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• imugee / pegasus

  View on GitHub
  reverse engineering extension plugin for windbg
  ☆122Sep 30, 2019Updated 6 years ago
• ncatlin / rgat

  View on GitHub
  An instruction trace visualisation tool for dynamic program analysis
  ☆370Dec 8, 2022Updated 3 years ago
• int0 / ltmdm64_poc

  View on GitHub
  ☆30May 23, 2017Updated 8 years ago
• google / UIforETW

  View on GitHub
  User interface for recording and managing ETW traces
  ☆1,659May 28, 2025Updated 11 months ago
• zodiacon / DriverMon

  View on GitHub
  Monitor activity of any driver
  ☆353Nov 2, 2020Updated 5 years ago
• mxatone / mitigation-bounty

  View on GitHub
  Old mitigation-bounty code that was applicable to edge before it use webkit/chrome
  ☆87Dec 19, 2016Updated 9 years ago
• CyberPoint / Ruxcon2016ETW

  View on GitHub
  Ruxcon2016 POC Code
  ☆141Nov 21, 2016Updated 9 years ago
• goldshtn / minidumper

  View on GitHub
  Write minidumps of .NET processes with full memory, only CLR heaps, or no memory at all
  ☆222Mar 15, 2019Updated 7 years ago
• K2 / EhTrace

  View on GitHub
  ATrace is a tool for tracing execution of binaries on Windows.
  ☆241Nov 19, 2025Updated 5 months ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• fremag / MemoScope.Net

  View on GitHub
  Dump and analyze .Net applications memory ( a gui for WinDbg and ClrMd )
  ☆707Jun 25, 2020Updated 5 years ago
• fireeye / pywintrace

  View on GitHub
  ETW Python Library
  ☆299Aug 11, 2023Updated 2 years ago
• hzqst / Syscall-Monitor

  View on GitHub
  Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+
  ☆749Jun 26, 2017Updated 8 years ago
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,053Sep 24, 2023Updated 2 years ago
• mandiant / SilkETW

  View on GitHub
  ☆834Jun 1, 2023Updated 2 years ago
• tinysec / vulnerability

  View on GitHub
  windows kernel vulnerability found by me
  ☆89Aug 28, 2017Updated 8 years ago
• googleprojectzero / sandbox-attacksurface-analysis-tools

  View on GitHub
  Set of tools to analyze Windows sandboxes for exposed attack surface.
  ☆2,285Nov 6, 2025Updated 5 months ago
• lowleveldesign / dotnet-wtrace

  View on GitHub
  A command-line tool for live tracing .NET applications, based on EventPipes.
  ☆187Jul 7, 2025Updated 9 months ago
• zodiacon / PEParser

  View on GitHub
  Portable Executable parsing library, used by PEExplorer. Also available as a nuget package
  ☆39Jan 11, 2018Updated 8 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• REhints / WinDbg

  View on GitHub
  ☆111Jul 16, 2016Updated 9 years ago
• changeofpace / Remote-Process-Cookie-for-Windows-7

  View on GitHub
  Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
  ☆23May 31, 2017Updated 8 years ago
• lowleveldesign / debug-recipes

  View on GitHub
  My notes on software troubleshooting, covering debugging and tracing techniques and tools. Available at wtrace.net.
  ☆347Feb 26, 2026Updated 2 months ago
• szimeus / evalyzer

  View on GitHub
  Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection
  ☆82Mar 22, 2017Updated 9 years ago
• zodiacon / ALPCLogger

  View on GitHub
  Log ALPC activity
  ☆85Sep 23, 2023Updated 2 years ago
• lowleveldesign / takedetour

  View on GitHub
  A template (and a sample) for writing tracers on Windows. Based on the Detours library.
  ☆31Mar 14, 2024Updated 2 years ago
• zodiacon / NtfsStreams

  View on GitHub
  Viewing NTFS alternate streams in files
  ☆33Jul 19, 2017Updated 8 years ago
• sam-b / windows_syscalls_dumper

  View on GitHub
  A dirty IDAPython script to dump windows system call number/name pairs as JSON
  ☆36Feb 13, 2017Updated 9 years ago
• RISCYBusiness / Jadoube

  View on GitHub
  ☆22Jul 7, 2017Updated 8 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• progmboy / cansecwest2017

  View on GitHub
  ☆63Apr 13, 2017Updated 9 years ago
• rabbitstack / fibratus

  View on GitHub
  Adversary tradecraft detection, protection, and hunting
  ☆2,449Apr 27, 2026Updated last week
• swwwolf / wdbgark

  View on GitHub
  WinDBG Anti-RootKit Extension
  ☆644Jul 29, 2020Updated 5 years ago
• zodiacon / ProcMonX

  View on GitHub
  Extended Process Monitor-like tool based on Event Tracing for Windows
  ☆475Nov 29, 2019Updated 6 years ago
• microsoft / clrmd

  View on GitHub
  Microsoft.Diagnostics.Runtime is a set of APIs for introspecting processes and dumps.
  ☆1,146Updated this week
• sensepost / gdi-palettes-exp

  View on GitHub
  DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects
  ☆147Jul 30, 2017Updated 8 years ago
• sensepost / ms16-098

  View on GitHub
  Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow
  ☆92Apr 20, 2017Updated 9 years ago