Basically a KrabsETW rip-off written in Rust
☆86Oct 20, 2025Updated 4 months ago
Alternatives and similar repositories for ferrisetw
Users that are interested in ferrisetw are comparing it to the libraries listed below
Sorting:
- Allows Rust code to log events to ETW☆129Dec 18, 2025Updated 2 months ago
- A Rust library for parsing and evaluating Sigma rules☆19Nov 26, 2025Updated 3 months ago
- A minimalistic logger for Windows Kernel Drivers.☆25Mar 8, 2024Updated 2 years ago
- ☆23Oct 9, 2024Updated last year
- Windows Kernel Driver library for Rust developers☆36Jan 23, 2021Updated 5 years ago
- Reflective DLL self-loading as a library☆21May 3, 2025Updated 10 months ago
- KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.☆753Dec 15, 2025Updated 2 months ago
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 4 months ago
- Rust bindings for VirusTotal/Yara☆80Nov 19, 2025Updated 3 months ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆63Jun 23, 2025Updated 8 months ago
- Rust FFI bindings for Native API☆123Feb 10, 2026Updated 3 weeks ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆233Mar 23, 2023Updated 2 years ago
- Experiments involving the Windows Hypervisor Platform☆23Jun 24, 2020Updated 5 years ago
- Utility functions for building Windows kernel drivers in Rust☆21Nov 16, 2021Updated 4 years ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use.☆11Apr 22, 2024Updated last year
- Sysmon-Like research tool for ETW☆386Nov 15, 2022Updated 3 years ago
- A Windows registry file parser written in Rust☆41Oct 30, 2025Updated 4 months ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Experiments on the Windows Internals☆31Sep 22, 2019Updated 6 years ago
- ☆71Feb 6, 2025Updated last year
- ☆11Dec 9, 2025Updated 3 months ago
- Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.☆11May 31, 2022Updated 3 years ago
- Wrapper for TSK (Sleuth Kit) Bindings☆12Jan 10, 2023Updated 3 years ago
- Tools and dumps related to the Smishing Triad and the USPS smishing campaign from late 2023 into 2024☆11Apr 28, 2024Updated last year
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- Cheat Engine alternative written in Rust☆12Nov 15, 2022Updated 3 years ago
- A library for intel VT-x hypervisor functionality supporting EPT shadowing.☆51Mar 11, 2021Updated 4 years ago
- A dataset with CloudTrail events from an attack simulation using Stratus.☆25Jul 12, 2023Updated 2 years ago
- Writing a replacement for xkb for wayland☆11Updated this week
- Safe Rust API to libesedb☆12Sep 10, 2025Updated 5 months ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications☆13Apr 20, 2018Updated 7 years ago
- ☆13Nov 10, 2020Updated 5 years ago
- IBM System i (formerly AS400, iSeries, i5, etc.)☆12Feb 10, 2013Updated 13 years ago
- Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)☆325Jul 7, 2024Updated last year
- Statically link the vcruntime☆37Nov 25, 2025Updated 3 months ago
- Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers☆51Jun 1, 2025Updated 9 months ago
- AMD Hypervisor written writh Rust.☆162Sep 14, 2023Updated 2 years ago
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene…☆103Jan 13, 2026Updated last month
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆75Feb 28, 2026Updated last week