olafhartong/PockETWatcher external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

olafhartong/PockETWatcher

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/olafhartong/PockETWatcher)

Close

olafhartong / PockETWatcherView on GitHubMore

• External links
• Readme badge

a tiny program to consume from ETW providers for research

☆55Jan 4, 2025Updated last year

Alternatives and similar repositories for PockETWatcher

Users that are interested in PockETWatcher are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• 0xThiebaut / PCAPeek

  View on GitHub
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆24May 21, 2023Updated 3 years ago
• Sq00ky / csharp-portscanner

  View on GitHub
  simple C# portscanner - written for playing around with Metasploit's Execute-Assembly
  ☆10Jul 1, 2023Updated 2 years ago
• NextronSystems / iocs

  View on GitHub
  Indicators of compromise from to analysis and research by Nextron Threat Research team
  ☆12Jun 2, 2026Updated 2 weeks ago
• MHaggis / SDDLMaker

  View on GitHub
  The home of the SDDLMaker
  ☆29Jan 13, 2025Updated last year
• vxunderground / OCRMe

  View on GitHub
  Tool designed to exfiltrate OneDrive Business OCR Data
  ☆127Jan 27, 2025Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• BushidoUK / MITRE-Mappings

  View on GitHub
  A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.
  ☆27Mar 20, 2025Updated last year
• jborean93 / AmsiProvider

  View on GitHub
  Test AMSI Provider implementation in C#
  ☆45Dec 18, 2024Updated last year
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 4 years ago
• 0x4d5a-ctf / 38c3_com_talk

  View on GitHub
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆75Jan 3, 2025Updated last year
• lolfsaas / lolfsaas.github.io

  View on GitHub
  Living of the Land of Free SaaS
  ☆76Mar 22, 2026Updated 2 months ago
• FrankMcGovern / Hidden-Vendor-Security-Advisories

  View on GitHub
  This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw…
  ☆32May 11, 2024Updated 2 years ago
• RomaissaAdjailia / MindMaps

  View on GitHub
  ☆23Jun 1, 2022Updated 4 years ago
• cea-sec / openwec

  View on GitHub
  An implementation of a Windows Event Collector server running on GNU/Linux.
  ☆97Jan 27, 2026Updated 4 months ago
• goatmilkkk / TinyProcessor

  View on GitHub
  A post-processing script for TinyTracer
  ☆39Mar 22, 2023Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• wietze / Invoke-ArgFuscator

  View on GitHub
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆278Feb 13, 2026Updated 4 months ago
• jonny-jhnson / TelemetrySource

  View on GitHub
  ☆263May 9, 2024Updated 2 years ago
• t-tani / defender2yara

  View on GitHub
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆207Updated this week
• praetorian-inc / swarmer

  View on GitHub
  A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
  ☆139Jan 26, 2026Updated 4 months ago
• magicsword-io / Magic-SigExplorer

  View on GitHub
  ☆15Sep 24, 2024Updated last year
• NtDallas / Ulfberht

  View on GitHub
  Shellcode loader
  ☆104Nov 24, 2024Updated last year
• MHaggis / SequelEyes

  View on GitHub
  SQL, IIS, Oh My...
  ☆21Feb 24, 2025Updated last year
• matterpreter / FindETWProviderImage

  View on GitHub
  Quickly search for references to a GUID in DLLs, EXEs, and drivers
  ☆75Dec 10, 2021Updated 4 years ago
• emanuelepicas / OSEP

  View on GitHub
  OSEP - Offsec Expert Professional
  ☆21Jun 23, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• jonny-jhnson / ETWInspector

  View on GitHub
  ☆209May 10, 2026Updated last month
• olafhartong / DefenderHarvester

  View on GitHub
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆120Aug 19, 2025Updated 9 months ago
• MalBeacon / what-is-this-stealer

  View on GitHub
  A repository of credential stealer formats
  ☆254Jun 10, 2025Updated last year
• gtworek / SysvolExplorer

  View on GitHub
  Active Directory Group Policy analyzer
  ☆18Sep 20, 2019Updated 6 years ago
• mubix / Find-WSUS

  View on GitHub
  Helps defenders find their WSUS configurations in the wake of CVE-2025-59287
  ☆46Oct 28, 2025Updated 7 months ago
• alwashali / yaa

  View on GitHub
  yaa - yaml search for humans
  ☆12Dec 8, 2025Updated 6 months ago
• libyal / winevt-kb

  View on GitHub
  Windows Event Log Knowledge Base
  ☆33May 16, 2026Updated last month
• ioncodes / SilentLoad

  View on GitHub
  "Service-less" driver loading
  ☆188Nov 28, 2024Updated last year
• eSentire / iocs

  View on GitHub
  ☆62May 28, 2026Updated 3 weeks ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• 0xdea / blindsight

  View on GitHub
  Red teaming tool to dump LSASS memory, bypassing basic countermeasures.
  ☆248Mar 9, 2026Updated 3 months ago
• trustedsec / specula

  View on GitHub
  ☆236Jun 10, 2025Updated last year
• som3canadian / Mythic_NimSyscallPacker_Wrapper

  View on GitHub
  Mythic C2 wrapper for NimSyscallPacker
  ☆26Mar 12, 2025Updated last year
• vxCrypt0r / Voidmaw

  View on GitHub
  A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…
  ☆359Oct 7, 2024Updated last year
• jsecu / BOF-pack-1

  View on GitHub
  A care package of useful bofs for red team engagments
  ☆53Dec 6, 2024Updated last year
• nickvourd / COM-Hunter

  View on GitHub
  COM Hijacking VOODOO
  ☆386May 30, 2026Updated 2 weeks ago
• thefLink / Hunt-Sleeping-Beacons

  View on GitHub
  Aims to identify sleeping beacons
  ☆670Jan 25, 2026Updated 4 months ago