Basically a KrabsETW rip-off written in Rust
☆90Oct 20, 2025Updated 6 months ago
Alternatives and similar repositories for ferrisetw
Users that are interested in ferrisetw are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A Rust library for parsing and evaluating Sigma rules☆21Nov 26, 2025Updated 5 months ago
- Allows Rust code to log events to ETW☆132Dec 18, 2025Updated 4 months ago
- Windows Kernel Driver library for Rust developers☆36Jan 23, 2021Updated 5 years ago
- ☆23Oct 9, 2024Updated last year
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 6 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.☆763Apr 14, 2026Updated 3 weeks ago
- Experiments involving the Windows Hypervisor Platform☆23Jun 24, 2020Updated 5 years ago
- A minimalistic logger for Windows Kernel Drivers.☆24Mar 8, 2024Updated 2 years ago
- Sysmon-Like research tool for ETW☆388Nov 15, 2022Updated 3 years ago
- Rust bindings for VirusTotal/Yara☆81Apr 28, 2026Updated last week
- ☆11May 3, 2026Updated last week
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated 2 years ago
- Reflective DLL self-loading as a library☆21May 3, 2025Updated last year
- ☆21Nov 19, 2025Updated 5 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A Windows registry file parser written in Rust☆41Oct 30, 2025Updated 6 months ago
- Statically link the vcruntime☆39Nov 25, 2025Updated 5 months ago
- Rust FFI bindings for Native API☆128Feb 10, 2026Updated 2 months ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆64Jun 23, 2025Updated 10 months ago
- Run Processes as PPL with ELAM☆176Mar 17, 2022Updated 4 years ago
- Utility functions for building Windows kernel drivers in Rust☆21Nov 16, 2021Updated 4 years ago
- ☆19Jan 12, 2020Updated 6 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- ☆13Nov 10, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)☆332Jul 7, 2024Updated last year
- AMD Hypervisor written writh Rust.☆166Sep 14, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆236Mar 23, 2023Updated 3 years ago
- Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.☆11May 31, 2022Updated 3 years ago
- ☆70Feb 6, 2025Updated last year
- Monitor ETW events for Windows process mitigation policies, with stack traces☆31Oct 7, 2022Updated 3 years ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- A Windows kernel dump C++ parser library with Python 3 bindings.☆215Oct 5, 2025Updated 7 months ago
- Efficient wildcard matching against strings☆15May 21, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A fast, deterministic, non-cryptographic hash for use in hash tables for Rust☆15Jan 12, 2021Updated 5 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 5 years ago
- Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.☆20Nov 28, 2023Updated 2 years ago
- A parser for Microsoft PDB (Program Database) debugging information☆463Mar 23, 2026Updated last month
- Rusty Rootkit - Windows Kernel Rookit in Rust (Codename: Eagle)☆580Jun 5, 2023Updated 2 years ago
- A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.☆48Apr 17, 2026Updated 3 weeks ago
- dump all available information from PDBs☆136Apr 6, 2024Updated 2 years ago