Alternatives and similar repositories for ebpf-for-windows-demo

Users that are interested in ebpf-for-windows-demo are comparing it to the libraries listed below

• zodiacon / TraceConnections
  Simple example for getting started with eBPF for Windows
  ☆44Updated 3 months ago
• microsoft / usersim
  ☆83Updated 2 weeks ago
• microsoft / ntosebpfext
  eBPF-For-Windows extension to provide access to Windows kernel functionality
  ☆26Updated last week
• TimMisiak / windup
  WinDbg installer/updater
  ☆41Updated last year
• microsoft / SysinternalsEBPF
  The Linux port of the Sysinternals Sysmon tool.
  ☆262Updated 2 months ago
• microsoft / wdkmetadata
  Tooling to generate metadata for Win32 APIs in the Windows Driver Kit (WDK).
  ☆101Updated 3 months ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆107Updated 2 weeks ago
• lowleveldesign / comon
  A WinDbg extension to trace COM interactions
  ☆114Updated last year
• EaseFilterSDK / mini-filter-driver-framework
  A mini filter driver development framework allows you to develop minit filter driver with different features.
  ☆48Updated last month
• microsoft / SysmonCommon
  The common parts of the Sysinternals Sysmon tool shared between the Windows and Linux versions.
  ☆63Updated 4 months ago
• Biswa96 / TraceEvent
  Trace events in real time sessions
  ☆45Updated last year
• microsoft / tracelogging
  TraceLogging events and tracing
  ☆53Updated 2 weeks ago
• microsoft / OHCL-Linux-Kernel
  OpenHCL Linux Kernel
  ☆14Updated last week
• 0mWindyBug / RansomGuard
  anti-ransomware file-system filter
  ☆59Updated 8 months ago
• microsoft / SandboxSecurityTools
  Security testing tools for Windows sandboxing technologies
  ☆169Updated 3 weeks ago
• microsoft / ETW2JSON
  Tool and library to convert ETW logs to JSON files
  ☆89Updated 2 years ago
• socjordi / sauron
  Windows Monitoring Agent (process creation + DLL loading monitor + network monitor + file system access monitor + etc)
  ☆61Updated 6 years ago
• microsoft / mu_msvm
  VM firmware pkg for Project Mu
  ☆41Updated this week
• microsoft / LinuxTracepoints
  C/C++ libraries for working with Linux Tracepoints and user_events
  ☆43Updated 2 months ago
• microsoft / eventtracing-processing-samples
  Sample code demonstrating use cases of the Microsoft.Windows.EventTracing.Processing.All nuget package.
  ☆45Updated last year
• vmware / kernel-event-collector-module
  This is the Linux kernel module event collector for the Carbon Black Cloud.
  ☆18Updated last year
• kobykahane / NpEtw
  Named pipe I/O ETW provider for Windows
  ☆70Updated 4 years ago
• zodiacon / syllabi
  ☆61Updated last year
• zodiacon / InfStudio
  INF Studio for easier working with driver installation files
  ☆38Updated last year
• rmccrystal / winkernel-rs
  Utility functions for building Windows kernel drivers in Rust
  ☆21Updated 3 years ago
• KnicKnic / native-powershell
  A C DLL that can control powershell
  ☆45Updated 5 years ago
• pathtofile / bpf-pipesnoop
  Example program using eBPF to log data being based in using shell pipes
  ☆41Updated 4 years ago
• ionescu007 / tpmtool
  The TpmTool utility is a simple cross-platform tool for accessing TPM2.0 Non-Volatile (NV) Spaces (Index Values) on compliant systems, wi…
  ☆144Updated 3 years ago
• zodiacon / winsta
  Show Window Stations, Desktops and top level windows
  ☆15Updated last year
• elastic / ebpf
  Elastic's eBPF
  ☆68Updated last month