zodiacon/WFPExplorer external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

zodiacon/WFPExplorer

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/zodiacon/WFPExplorer)

Close

zodiacon / WFPExplorerView on GitHubMore

• External links
• Readme badge

Windows Filtering Platform Explorer

☆335Aug 28, 2025Updated 6 months ago

Alternatives and similar repositories for WFPExplorer

Users that are interested in WFPExplorer are comparing it to the libraries listed below

• zodiacon / WMIExplorer

  View on GitHub
  ☆27Jul 13, 2025Updated 8 months ago
• zodiacon / DeviceExplorer

  View on GitHub
  ☆58Feb 27, 2026Updated 3 weeks ago
• zodiacon / TotalSystem

  View on GitHub
  View Windows System in action
  ☆46Aug 3, 2025Updated 7 months ago
• zodiacon / ProcMonXv2

  View on GitHub
  Process Monitor X v2
  ☆651Jan 22, 2024Updated 2 years ago
• zodiacon / ObjectExplorer

  View on GitHub
  Explore Kernel Objects on Windows
  ☆244Apr 4, 2025Updated 11 months ago
• zodiacon / InfStudio

  View on GitHub
  INF Studio for easier working with driver installation files
  ☆39Nov 11, 2023Updated 2 years ago
• zodiacon / TotalPE2

  View on GitHub
  PE Viewer
  ☆212Jan 24, 2026Updated last month
• zodiacon / DbgPrint

  View on GitHub
  Debug Print viewer (user and kernel)
  ☆72Feb 7, 2024Updated 2 years ago
• zodiacon / AllTools

  View on GitHub
  All reasonably stable tools
  ☆1,402Feb 27, 2026Updated 3 weeks ago
• zodiacon / eBPFStudio

  View on GitHub
  Work with eBPF on Windows
  ☆44Feb 26, 2025Updated last year
• zodiacon / RemoteThreadDetection

  View on GitHub
  Remote Thread Detection with a Kernel Driver
  ☆34Jan 14, 2025Updated last year
• zodiacon / BITSManager

  View on GitHub
  BITS Transfers Manager
  ☆46May 18, 2025Updated 10 months ago
• microsoft / ndis-driver-library

  View on GitHub
  Code to make it easier to write an NDIS network driver on Windows
  ☆93Oct 1, 2023Updated 2 years ago
• zodiacon / WinSpy

  View on GitHub
  Enhanced version of the classic Spy++ tool
  ☆223Feb 26, 2026Updated 3 weeks ago
• hfiref0x / WinObjEx64

  View on GitHub
  Windows Object Explorer 64-bit
  ☆1,893Mar 9, 2026Updated last week
• pathtofile / Sealighter

  View on GitHub
  Sysmon-Like research tool for ETW
  ☆387Nov 15, 2022Updated 3 years ago
• zodiacon / windowskernelprogrammingbook2e

  View on GitHub
  Samples for the book Windows Kernel Programming, 2nd edition
  ☆372Aug 2, 2025Updated 7 months ago
• whokilleddb / ETWListicle

  View on GitHub
  List the ETW provider(s) in the registration table of a process.
  ☆80Sep 20, 2023Updated 2 years ago
• zodiacon / EtwExplorer

  View on GitHub
  View ETW Provider manifest
  ☆576Nov 1, 2024Updated last year
• zodiacon / SystemExplorer

  View on GitHub
  Windows System Explorer
  ☆878Nov 29, 2025Updated 3 months ago
• zodiacon / KObjects

  View on GitHub
  Sample for Creating a new kernel object type and supporting API
  ☆28Sep 7, 2024Updated last year
• silverf0x / RpcView

  View on GitHub
  RpcView is a free tool to explore and decompile Microsoft RPC interfaces
  ☆1,049Sep 24, 2023Updated 2 years ago
• JaredWright / WFPStarterKit

  View on GitHub
  An example driver for Windows that shows how to set-up some basic components of the Windows Filtering Platform
  ☆205Jul 6, 2022Updated 3 years ago
• csandker / InterProcessCommunication-Samples

  View on GitHub
  Some Code Samples for Windows based Inter-Process-Communication (IPC)
  ☆211Feb 29, 2024Updated 2 years ago
• thesecretclub / SandboxBootkit

  View on GitHub
  Bootkit for Windows Sandbox to disable DSE/PatchGuard.
  ☆321Oct 13, 2024Updated last year
• cyberark / RPCMon

  View on GitHub
  RPC Monitor tool based on Event Tracing for Windows
  ☆388Aug 19, 2024Updated last year
• zodiacon / sysrun

  View on GitHub
  Run any executable as SYSTEM account (no service required)
  ☆142May 11, 2024Updated last year
• Idov31 / Jormungandr

  View on GitHub
  Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.
  ☆244Sep 26, 2023Updated 2 years ago
• uf0o / windows-ps-callbacks-experiments

  View on GitHub
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆83Feb 26, 2022Updated 4 years ago
• jdu2600 / EtwTi-FluctuationMonitor

  View on GitHub
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆172May 17, 2023Updated 2 years ago
• BeneficialCode / WinArk

  View on GitHub
  Windows Anti-Rootkit Tool
  ☆547Dec 31, 2025Updated 2 months ago
• wbenny / EtwConsumerNT

  View on GitHub
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆146Feb 23, 2019Updated 7 years ago
• zodiacon / DepWalk

  View on GitHub
  ☆40May 10, 2025Updated 10 months ago
• itm4n / PPLcontrol

  View on GitHub
  Controlling Windows PP(L)s
  ☆381Jun 9, 2023Updated 2 years ago
• xuanxuan0 / TiEtwAgent

  View on GitHub
  PoC memory injection detection agent based on ETW, for offensive and defensive research purposes
  ☆301Apr 10, 2021Updated 4 years ago
• jdu2600 / CFG-FindHiddenShellcode

  View on GitHub
  Walks the CFG bitmap to find previously executable but currently hidden shellcode regions
  ☆134May 17, 2023Updated 2 years ago
• zodiacon / PoolMonXv3

  View on GitHub
  Monitor Kernel pool allocations tags
  ☆77Nov 2, 2023Updated 2 years ago
• zodiacon / TaskSched

  View on GitHub
  ☆31Dec 1, 2022Updated 3 years ago
• 0mWindyBug / RansomGuard

  View on GitHub
  anti-ransomware file-system filter
  ☆69Sep 3, 2024Updated last year