lowleveldesign/wtrace external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

lowleveldesign/wtrace

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/lowleveldesign/wtrace)

Close

lowleveldesign / wtraceView on GitHubMore

• External links
• Readme badge

Command line tracing tool for Windows, based on ETW.

☆690Oct 15, 2025Updated 5 months ago

Alternatives and similar repositories for wtrace

Users that are interested in wtrace are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• lowleveldesign / send2procmon

  View on GitHub
  A command line tool that sends its input data to a running procmon instance.
  ☆16Feb 24, 2017Updated 9 years ago
• goldshtn / etrace

  View on GitHub
  Command-line tool for ETW tracing on files and real-time events
  ☆148Feb 27, 2019Updated 7 years ago
• microsoft / krabsetw

  View on GitHub
  KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
  ☆755Mar 9, 2026Updated 2 weeks ago
• microsoft / DbgShell

  View on GitHub
  A PowerShell front-end for the Windows debugger engine.
  ☆694Apr 3, 2024Updated last year
• marcusbotacin / BranchMonitoringProject

  View on GitHub
  A branch-monitor-based solution for process monitoring.
  ☆138Feb 9, 2020Updated 6 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• imugee / pegasus

  View on GitHub
  reverse engineering extension plugin for windbg
  ☆122Sep 30, 2019Updated 6 years ago
• ncatlin / rgat

  View on GitHub
  An instruction trace visualisation tool for dynamic program analysis
  ☆370Dec 8, 2022Updated 3 years ago
• int0 / ltmdm64_poc

  View on GitHub
  ☆30May 23, 2017Updated 8 years ago
• google / UIforETW

  View on GitHub
  User interface for recording and managing ETW traces
  ☆1,651May 28, 2025Updated 9 months ago
• zodiacon / DriverMon

  View on GitHub
  Monitor activity of any driver
  ☆352Nov 2, 2020Updated 5 years ago
• mxatone / mitigation-bounty

  View on GitHub
  Old mitigation-bounty code that was applicable to edge before it use webkit/chrome
  ☆87Dec 19, 2016Updated 9 years ago
• CyberPoint / Ruxcon2016ETW

  View on GitHub
  Ruxcon2016 POC Code
  ☆141Nov 21, 2016Updated 9 years ago
• goldshtn / minidumper

  View on GitHub
  Write minidumps of .NET processes with full memory, only CLR heaps, or no memory at all
  ☆222Mar 15, 2019Updated 7 years ago
• K2 / EhTrace

  View on GitHub
  ATrace is a tool for tracing execution of binaries on Windows.
  ☆241Nov 19, 2025Updated 4 months ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• fremag / MemoScope.Net

  View on GitHub
  Dump and analyze .Net applications memory ( a gui for WinDbg and ClrMd )
  ☆709Jun 25, 2020Updated 5 years ago
• fireeye / pywintrace

  View on GitHub
  ETW Python Library
  ☆293Aug 11, 2023Updated 2 years ago
• hzqst / Syscall-Monitor

  View on GitHub
  Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+
  ☆747Jun 26, 2017Updated 8 years ago
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,049Sep 24, 2023Updated 2 years ago
• mandiant / SilkETW

  View on GitHub
  ☆826Jun 1, 2023Updated 2 years ago
• tinysec / vulnerability

  View on GitHub
  windows kernel vulnerability found by me
  ☆89Aug 28, 2017Updated 8 years ago
• googleprojectzero / sandbox-attacksurface-analysis-tools

  View on GitHub
  Set of tools to analyze Windows sandboxes for exposed attack surface.
  ☆2,274Nov 6, 2025Updated 4 months ago
• lowleveldesign / dotnet-wtrace

  View on GitHub
  A command-line tool for live tracing .NET applications, based on EventPipes.
  ☆184Jul 7, 2025Updated 8 months ago
• zodiacon / PEParser

  View on GitHub
  Portable Executable parsing library, used by PEExplorer. Also available as a nuget package
  ☆36Jan 11, 2018Updated 8 years ago
• NordVPN Threat Protection Pro™ • Ad
  Take your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
• REhints / WinDbg

  View on GitHub
  ☆111Jul 16, 2016Updated 9 years ago
• changeofpace / Remote-Process-Cookie-for-Windows-7

  View on GitHub
  Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.
  ☆23May 31, 2017Updated 8 years ago
• lowleveldesign / debug-recipes

  View on GitHub
  My notes on software troubleshooting, covering debugging and tracing techniques and tools. Available at wtrace.net.
  ☆345Feb 26, 2026Updated 3 weeks ago
• szimeus / evalyzer

  View on GitHub
  Using WinDBG to tap into JavaScript and help with deobfuscation and browser exploit detection
  ☆82Mar 22, 2017Updated 9 years ago
• zodiacon / ALPCLogger

  View on GitHub
  Log ALPC activity
  ☆85Sep 23, 2023Updated 2 years ago
• zodiacon / NtfsStreams

  View on GitHub
  Viewing NTFS alternate streams in files
  ☆33Jul 19, 2017Updated 8 years ago
• sam-b / windows_syscalls_dumper

  View on GitHub
  A dirty IDAPython script to dump windows system call number/name pairs as JSON
  ☆36Feb 13, 2017Updated 9 years ago
• RISCYBusiness / Jadoube

  View on GitHub
  ☆22Jul 7, 2017Updated 8 years ago
• progmboy / cansecwest2017

  View on GitHub
  ☆63Apr 13, 2017Updated 8 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• rabbitstack / fibratus

  View on GitHub
  Adversary tradecraft detection, protection, and hunting
  ☆2,434Mar 13, 2026Updated last week
• swwwolf / wdbgark

  View on GitHub
  WinDBG Anti-RootKit Extension
  ☆645Jul 29, 2020Updated 5 years ago
• zodiacon / ProcMonX

  View on GitHub
  Extended Process Monitor-like tool based on Event Tracing for Windows
  ☆474Nov 29, 2019Updated 6 years ago
• microsoft / clrmd

  View on GitHub
  Microsoft.Diagnostics.Runtime is a set of APIs for introspecting processes and dumps.
  ☆1,134Updated this week
• sensepost / gdi-palettes-exp

  View on GitHub
  DC25 5A1F - Demystifying Windows Kernel Exploitation by Abusing GDI Objects
  ☆147Jul 30, 2017Updated 8 years ago
• sensepost / ms16-098

  View on GitHub
  Windows 8.1 x64 Exploit for MS16-098 RNGOBJ_Integer_Overflow
  ☆92Apr 20, 2017Updated 8 years ago
• microsoft / binskim

  View on GitHub
  A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
  ☆842Updated this week