Alternatives and similar repositories for ebpf-for-windows-demo

Users that are interested in ebpf-for-windows-demo are comparing it to the libraries listed below

• microsoft / SysinternalsEBPF
  The Linux port of the Sysinternals Sysmon tool.
  ☆277Updated last month
• microsoft / usersim
  ☆98Updated this week
• microsoft / ntosebpfext
  eBPF-For-Windows extension to provide access to Windows kernel functionality
  ☆31Updated this week
• microsoft / wdkmetadata
  Tooling to generate metadata for Win32 APIs in the Windows Driver Kit (WDK).
  ☆104Updated 8 months ago
• microsoft / xdp-for-windows
  XDP speeds up networking on Windows
  ☆430Updated this week
• zodiacon / TraceConnections
  Simple example for getting started with eBPF for Windows
  ☆48Updated 8 months ago
• microsoft / tracelogging
  TraceLogging events and tracing
  ☆56Updated 5 months ago
• zodiacon / TotalPE
  Yet another PE Viewer
  ☆141Updated 2 years ago
• EaseFilterSDK / mini-filter-driver-framework
  A mini filter driver development framework allows you to develop minit filter driver with different features.
  ☆61Updated 6 months ago
• microsoft / ndis-driver-library
  Code to make it easier to write an NDIS network driver on Windows
  ☆89Updated 2 years ago
• zodiacon / ApiSetView
  API Set Viewer
  ☆90Updated 9 months ago
• microsoft / SysmonCommon
  The common parts of the Sysinternals Sysmon tool shared between the Windows and Linux versions.
  ☆64Updated 9 months ago
• TimMisiak / windup
  WinDbg installer/updater
  ☆41Updated 2 years ago
• microsoft / mu_msvm
  VM firmware pkg for Project Mu
  ☆43Updated 3 weeks ago
• microsoft / SandboxSecurityTools
  Security testing tools for Windows sandboxing technologies
  ☆173Updated 5 months ago
• microsoft / Windows-Driver-Developer-Supplemental-Tools
  Supplemental open-source components for use in developing device drivers for Windows.
  ☆67Updated 2 months ago
• Biswa96 / TraceEvent
  Trace events in real time sessions
  ☆44Updated 2 years ago
• lowleveldesign / comon
  A WinDbg extension to trace COM interactions
  ☆121Updated 2 months ago
• zodiacon / WFPExplorer
  Windows Filtering Platform Explorer
  ☆299Updated 2 months ago
• zodiacon / ObjMgrProjFS
  Projected File System Sample (Object Manager Namespace)
  ☆37Updated last year
• zodiacon / eBPFStudio
  Work with eBPF on Windows
  ☆40Updated 8 months ago
• microsoft / eventtracing-processing-samples
  Sample code demonstrating use cases of the Microsoft.Windows.EventTracing.Processing.All nuget package.
  ☆48Updated last month
• zodiacon / syllabi
  ☆63Updated last year
• repnz / etw-providers-docs
  Document ETW providers
  ☆256Updated 5 years ago
• zodiacon / winsta
  Show Window Stations, Desktops and top level windows
  ☆17Updated 2 years ago
• mstange / symsrv
  Download pdbs from symbol servers and cache locally, parse symbol paths from env vars
  ☆20Updated 7 months ago
• kobykahane / NpEtw
  Named pipe I/O ETW provider for Windows
  ☆71Updated 5 years ago
• zodiacon / InfStudio
  INF Studio for easier working with driver installation files
  ☆38Updated last year
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆111Updated 4 months ago
• trailofbits / uthenticode
  A cross-platform library for verifying Authenticode signatures
  ☆158Updated 2 months ago