n4r1b/ferrisetw external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

n4r1b/ferrisetw

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/n4r1b/ferrisetw)

Close

n4r1b / ferrisetwView on GitHubMore

• External links
• Readme badge

Basically a KrabsETW rip-off written in Rust

☆88Oct 20, 2025Updated 5 months ago

Alternatives and similar repositories for ferrisetw

Users that are interested in ferrisetw are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• jopohl / sigma-rust

  View on GitHub
  A Rust library for parsing and evaluating Sigma rules
  ☆19Nov 26, 2025Updated 4 months ago
• microsoft / rust_win_etw

  View on GitHub
  Allows Rust code to log events to ETW
  ☆130Dec 18, 2025Updated 3 months ago
• hussein-aitlahcen / windows-kernel-rs

  View on GitHub
  Windows Kernel Driver library for Rust developers
  ☆36Jan 23, 2021Updated 5 years ago
• herosi / triage-collector

  View on GitHub
  ☆23Oct 9, 2024Updated last year
• Yamato-Security / sigma-to-hayabusa-converter

  View on GitHub
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆16Oct 22, 2025Updated 5 months ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• microsoft / krabsetw

  View on GitHub
  KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
  ☆756Updated this week
• epakskape / whpexp

  View on GitHub
  Experiments involving the Windows Hypervisor Platform
  ☆23Jun 24, 2020Updated 5 years ago
• not-matthias / kernel-log-rs

  View on GitHub
  A minimalistic logger for Windows Kernel Drivers.
  ☆25Mar 8, 2024Updated 2 years ago
• pathtofile / Sealighter

  View on GitHub
  Sysmon-Like research tool for ETW
  ☆387Nov 15, 2022Updated 3 years ago
• Hugal31 / yara-rust

  View on GitHub
  Rust bindings for VirusTotal/Yara
  ☆81Nov 19, 2025Updated 4 months ago
• Yamato-Security / suzaku-rules

  View on GitHub
  ☆11Dec 9, 2025Updated 3 months ago
• pkptzx / rawcopy-rs

  View on GitHub
  Primarily aimed at replicating files that cannot be directly copied due to being in use.
  ☆11Apr 22, 2024Updated last year
• Ben-Lichtman / reloader

  View on GitHub
  Reflective DLL self-loading as a library
  ☆21May 3, 2025Updated 10 months ago
• Yamato-Security / Presentations

  View on GitHub
  ☆21Nov 19, 2025Updated 4 months ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• strozfriedberg / notatin

  View on GitHub
  A Windows registry file parser written in Rust
  ☆41Oct 30, 2025Updated 5 months ago
• ChrisDenton / static_vcruntime

  View on GitHub
  Statically link the vcruntime
  ☆37Nov 25, 2025Updated 4 months ago
• MSxDOS / ntapi

  View on GitHub
  Rust FFI bindings for Native API
  ☆125Feb 10, 2026Updated last month
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆63Jun 23, 2025Updated 9 months ago
• pathtofile / PPLRunner

  View on GitHub
  Run Processes as PPL with ELAM
  ☆177Mar 17, 2022Updated 4 years ago
• rmccrystal / winkernel-rs

  View on GitHub
  Utility functions for building Windows kernel drivers in Rust
  ☆21Nov 16, 2021Updated 4 years ago
• h0mbre / ioctl.py

  View on GitHub
  ☆19Jan 12, 2020Updated 6 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆12Jan 10, 2023Updated 3 years ago
• re-fox / documentation

  View on GitHub
  ☆13Nov 10, 2020Updated 5 years ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• tandasat / EopMon

  View on GitHub
  Elevation of privilege detector based on HyperPlatform
  ☆124Mar 5, 2017Updated 9 years ago
• memN0ps / matrix-rs

  View on GitHub
  Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)
  ☆328Jul 7, 2024Updated last year
• not-matthias / amd_hypervisor

  View on GitHub
  AMD Hypervisor written writh Rust.
  ☆165Sep 14, 2023Updated 2 years ago
• janoglezcampos / rust_syscalls

  View on GitHub
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆234Mar 23, 2023Updated 3 years ago
• Nariod / Tartocitron

  View on GitHub
  Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.
  ☆11May 31, 2022Updated 3 years ago
• elastic / PPLGuard

  View on GitHub
  ☆70Feb 6, 2025Updated last year
• yjugl / mitimon

  View on GitHub
  Monitor ETW events for Windows process mitigation policies, with stack traces
  ☆31Oct 7, 2022Updated 3 years ago
• invictus-ir / aws_dataset

  View on GitHub
  A dataset with CloudTrail events from an attack simulation using Stratus.
  ☆25Jul 12, 2023Updated 2 years ago
• 0vercl0k / kdmp-parser

  View on GitHub
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆213Oct 5, 2025Updated 5 months ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• cassaundra / wildflower

  View on GitHub
  Efficient wildcard matching against strings
  ☆15May 21, 2024Updated last year
• jix / zwohash

  View on GitHub
  A fast, deterministic, non-cryptographic hash for use in hash tables for Rust
  ☆15Jan 12, 2021Updated 5 years ago
• POPFD / HypervisorBase

  View on GitHub
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆51Mar 11, 2021Updated 5 years ago
• theAtropos4n6 / Partition-4DiagnosticParser

  View on GitHub
  Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.
  ☆20Nov 28, 2023Updated 2 years ago
• getsentry / pdb

  View on GitHub
  A parser for Microsoft PDB (Program Database) debugging information
  ☆461Jan 14, 2026Updated 2 months ago
• memN0ps / eagle-rs

  View on GitHub
  Rusty Rootkit - Windows Kernel Rookit in Rust (Codename: Eagle)
  ☆578Jun 5, 2023Updated 2 years ago
• nico-abram / blondie

  View on GitHub
  Collect CPU callstack samples from a windows process
  ☆54Mar 4, 2026Updated 3 weeks ago