n4r1b/ferrisetw external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

n4r1b/ferrisetw

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/n4r1b/ferrisetw)

Close

n4r1b / ferrisetwView on GitHubMore

• External links
• Readme badge

Basically a KrabsETW rip-off written in Rust

☆91Oct 20, 2025Updated 7 months ago

Alternatives and similar repositories for ferrisetw

Users that are interested in ferrisetw are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• jopohl / sigma-rust

  View on GitHub
  A Rust library for parsing and evaluating Sigma rules
  ☆22Nov 26, 2025Updated 6 months ago
• hussein-aitlahcen / windows-kernel-rs

  View on GitHub
  Windows Kernel Driver library for Rust developers
  ☆36Jan 23, 2021Updated 5 years ago
• herosi / triage-collector

  View on GitHub
  ☆23Oct 9, 2024Updated last year
• Yamato-Security / sigma-to-hayabusa-converter

  View on GitHub
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆16Oct 22, 2025Updated 7 months ago
• microsoft / krabsetw

  View on GitHub
  KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
  ☆772Apr 14, 2026Updated last month
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• epakskape / whpexp

  View on GitHub
  Experiments involving the Windows Hypervisor Platform
  ☆23Jun 24, 2020Updated 5 years ago
• not-matthias / kernel-log-rs

  View on GitHub
  A minimalistic logger for Windows Kernel Drivers.
  ☆24Mar 8, 2024Updated 2 years ago
• pathtofile / Sealighter

  View on GitHub
  Sysmon-Like research tool for ETW
  ☆389Nov 15, 2022Updated 3 years ago
• Hugal31 / yara-rust

  View on GitHub
  Rust bindings for VirusTotal/Yara
  ☆81May 5, 2026Updated 3 weeks ago
• Yamato-Security / suzaku-rules

  View on GitHub
  ☆13May 23, 2026Updated last week
• pkptzx / rawcopy-rs

  View on GitHub
  Primarily aimed at replicating files that cannot be directly copied due to being in use.
  ☆10Apr 22, 2024Updated 2 years ago
• Ben-Lichtman / reloader

  View on GitHub
  Reflective DLL self-loading as a library
  ☆21May 3, 2025Updated last year
• Yamato-Security / Presentations

  View on GitHub
  ☆21Nov 19, 2025Updated 6 months ago
• strozfriedberg / notatin

  View on GitHub
  A Windows registry file parser written in Rust
  ☆40Oct 30, 2025Updated 6 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• ChrisDenton / static_vcruntime

  View on GitHub
  Statically link the vcruntime
  ☆39Nov 25, 2025Updated 6 months ago
• MSxDOS / ntapi

  View on GitHub
  Rust FFI bindings for Native API
  ☆129Feb 10, 2026Updated 3 months ago
• pathtofile / PPLRunner

  View on GitHub
  Run Processes as PPL with ELAM
  ☆177Mar 17, 2022Updated 4 years ago
• rmccrystal / winkernel-rs

  View on GitHub
  Utility functions for building Windows kernel drivers in Rust
  ☆21Nov 16, 2021Updated 4 years ago
• h0mbre / ioctl.py

  View on GitHub
  ☆19Jan 12, 2020Updated 6 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆11Jan 10, 2023Updated 3 years ago
• re-fox / documentation

  View on GitHub
  ☆13Nov 10, 2020Updated 5 years ago
• tandasat / EopMon

  View on GitHub
  Elevation of privilege detector based on HyperPlatform
  ☆123Mar 5, 2017Updated 9 years ago
• memN0ps / matrix-rs

  View on GitHub
  Rusty Hypervisor - Windows Kernel Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)
  ☆338May 14, 2026Updated 2 weeks ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• not-matthias / amd_hypervisor

  View on GitHub
  AMD Hypervisor written writh Rust.
  ☆166Sep 14, 2023Updated 2 years ago
• janoglezcampos / rust_syscalls

  View on GitHub
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆237Mar 23, 2023Updated 3 years ago
• Nariod / Tartocitron

  View on GitHub
  Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.
  ☆11May 31, 2022Updated 3 years ago
• elastic / PPLGuard

  View on GitHub
  ☆69Feb 6, 2025Updated last year
• yjugl / mitimon

  View on GitHub
  Monitor ETW events for Windows process mitigation policies, with stack traces
  ☆30Oct 7, 2022Updated 3 years ago
• invictus-ir / aws_dataset

  View on GitHub
  A dataset with CloudTrail events from an attack simulation using Stratus.
  ☆26Jul 12, 2023Updated 2 years ago
• 0vercl0k / kdmp-parser

  View on GitHub
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆213Oct 5, 2025Updated 7 months ago
• cassaundra / wildflower

  View on GitHub
  Efficient wildcard matching against strings
  ☆15May 21, 2024Updated 2 years ago
• jix / zwohash

  View on GitHub
  A fast, deterministic, non-cryptographic hash for use in hash tables for Rust
  ☆15Jan 12, 2021Updated 5 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• POPFD / HypervisorBase

  View on GitHub
  A library for intel VT-x hypervisor functionality supporting EPT shadowing.
  ☆52Mar 11, 2021Updated 5 years ago
• theAtropos4n6 / Partition-4DiagnosticParser

  View on GitHub
  Windows Event Log "Microsoft-Windows-Partition%4Diagnostic.evtx" parser and devices' VSNs extractor.
  ☆20Nov 28, 2023Updated 2 years ago
• getsentry / pdb

  View on GitHub
  A parser for Microsoft PDB (Program Database) debugging information
  ☆464Mar 23, 2026Updated 2 months ago
• 0vercl0k / kdmp-parser-rs

  View on GitHub
  A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.
  ☆49Apr 17, 2026Updated last month
• seryal / EventLogViewer

  View on GitHub
  Viewer for Windows Event Log
  ☆13Oct 21, 2019Updated 6 years ago
• landaire / pdbview

  View on GitHub
  dump all available information from PDBs
  ☆136Apr 6, 2024Updated 2 years ago
• trustedsec / Windows-MS-LSAT-RPC-Example

  View on GitHub
  Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD
  ☆29Jan 4, 2024Updated 2 years ago