zodiacon / EtwExplorerLinks
View ETW Provider manifest
☆489Updated 7 months ago
Alternatives and similar repositories for EtwExplorer
Users that are interested in EtwExplorer are comparing it to the libraries listed below
Sorting:
- Events from all manifest-based and mof-based ETW providers across Windows 10 versions☆299Updated last year
- Document ETW providers☆234Updated 5 years ago
- Sysmon-Like research tool for ETW☆353Updated 2 years ago
- KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.☆664Updated 2 months ago
- Event Tracing For Windows (ETW) Resources☆386Updated 8 months ago
- Useful scripts for WinDbg using the debugger data model☆413Updated last year
- RPC Monitor tool based on Event Tracing for Windows☆356Updated 9 months ago
- ☆768Updated 2 years ago
- Expriments☆458Updated 8 months ago
- A collection of free miscellaneous Windows tools☆135Updated 9 months ago
- Extract Windows Defender database from vdm files and unpack it☆440Updated 5 years ago
- Process Monitor X v2☆613Updated last year
- Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs☆750Updated last year
- Enumerate and disable common sources of telemetry used by AV/EDR.☆797Updated 4 years ago
- Enumerating and removing kernel callbacks using signed vulnerable drivers☆563Updated 2 years ago
- A DTrace on Windows Reimplementation☆348Updated 4 months ago
- RpcView is a free tool to explore and decompile Microsoft RPC interfaces☆976Updated last year
- My personal cheat sheet for using WinDbg for kernel debugging☆420Updated last month
- Source code for File Test - Interactive File System Test Tool☆284Updated 2 months ago
- Windows 10 System Programming book samples☆427Updated 11 months ago
- A wireshark plugin to instrument ETW☆559Updated 3 years ago
- Python library to parse and read Microsoft minidump file format☆287Updated 4 months ago
- Exploring RPC interfaces on Windows☆321Updated last year
- Dynamic unpacker based on PE-sieve☆732Updated last week
- Windows Filtering Platform Explorer☆262Updated 4 months ago
- Extended Process Monitor-like tool based on Event Tracing for Windows☆472Updated 5 years ago
- ☆298Updated 4 years ago
- awesome windbg extensions☆331Updated 6 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆812Updated 3 years ago
- Live hunting of code injection techniques☆382Updated 5 years ago