Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
☆18 · Jun 29, 2024 · Updated last year
Alternatives and similar repositories for ETWReader
Users who are interested in ETWReader are comparing it to the libraries listed below.
- Some stuff for PHD2021 ☆14 · May 21, 2025 · Updated 10 months ago
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface. ☆24 · Feb 23, 2026 · Updated last month
- ECC Public Key Cryptography ☆37 · Oct 29, 2023 · Updated 2 years ago
- a stage1 DLL loader with sleep obfuscation ☆36 · Dec 27, 2022 · Updated 3 years ago
- rust port of pspy with support for process monitoring over dbus ☆37 · Jan 4, 2026 · Updated 2 months ago
- A simple rpc2socks alternative in pure Go. ☆31 · Jul 8, 2024 · Updated last year
- A tool designed to hook into Windows applications and output named (and anonymous?) pipe traffic. ☆15 · Feb 27, 2024 · Updated 2 years ago
- PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts ☆25 · Aug 17, 2018 · Updated 7 years ago
- ☆16 · Sep 7, 2017 · Updated 8 years ago
- ☆26 · Dec 29, 2021 · Updated 4 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider ☆198 · Dec 6, 2022 · Updated 3 years ago
- Loading and executing shellcode in C# without PInvoke. ☆22 · Jan 10, 2022 · Updated 4 years ago
- Original hVNC has been recoded to work with all versions of Windows above XP. Thanks to the original author for this wonderful tool. ☆10 · Oct 13, 2021 · Updated 4 years ago
- One gate to all syscalls! ☆23 · Mar 12, 2022 · Updated 4 years ago
- P2P Communications of Named Pipes ☆12 · Dec 11, 2025 · Updated 3 months ago
- ☆139 · Nov 17, 2025 · Updated 4 months ago
- Quick test for CVE-2023-26025 behaviours ☆13 · Nov 29, 2023 · Updated 2 years ago
- Living off the Land of Free SaaS ☆63 · Updated this week
- PoC for CVE-2023-36802 Microsoft Kernel Streaming Service Proxy ☆36 · Oct 24, 2023 · Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ ☆45 · Apr 27, 2023 · Updated 2 years ago
- Indicators of compromise from to analysis and research by Nextron Threat Research team ☆12 · Sep 17, 2025 · Updated 6 months ago
- A PoC tool for exploiting leaked process and thread handles ☆32 · Feb 13, 2024 · Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing… ☆26 · Apr 21, 2025 · Updated 11 months ago
- ☆57 · Jan 15, 2024 · Updated 2 years ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode. ☆138 · Jul 10, 2025 · Updated 8 months ago
- Examples of various container types for Python and Golang ☆16 · Aug 29, 2025 · Updated 6 months ago
- User-mode implementation of HTTP.SYS. Implements HTTP 1.1 of the "HTTP Server API 2.0" for web servers ☆45 · Feb 17, 2025 · Updated last year
- ☆26 · Sep 29, 2018 · Updated 7 years ago
- You shall pass ☆270 · Jul 16, 2022 · Updated 3 years ago
- ☆12 · Jun 5, 2024 · Updated last year
- ☆48 · Dec 5, 2025 · Updated 3 months ago
- A library for fast parse & import of Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 9 months ago
- ☆119 · Jan 30, 2024 · Updated 2 years ago
- Identifies metadata of .NET binary files. ☆21 · Apr 3, 2024 · Updated last year
- Files and templates to go along with my "Busy Dev's Workshop on Building a Virtual Machine" ☆12 · May 12, 2024 · Updated last year
- Small tool to play with IOCs caused by Imageload events ☆44 · May 14, 2023 · Updated 2 years ago
- Windows process injection methods ☆19 · Aug 11, 2019 · Updated 6 years ago
- Modify managed functions from unmanaged code ☆53 · Feb 1, 2024 · Updated 2 years ago
- Rite Of Passage ROP Injector ☆35 · Aug 4, 2019 · Updated 6 years ago