Awesome Open Source
Search results for etw
108 search results found
Orbit (⭐ 3,359): C/C++ Performance Profiler
Alltools (⭐ 967): All reasonably stable tools
Wtrace (⭐ 652): Command line tracing tool for Windows, based on ETW.
Etl2pcapng (⭐ 544): Utility that converts an .etl file containing a Windows network packet capture into .pcapng format.
Krabsetw (⭐ 529): KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
Netloader (⭐ 430): Loads any C# binary in mem, patching AMSI + ETW.
Bofs (⭐ 410): Collection of Beacon Object Files
Winshark (⭐ 348): A wireshark plugin to instrument ETW
Executeassembly (⭐ 335): Load/Inject .NET assemblies by reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).
Winipt (⭐ 325): The Windows Library for Intel Process Trace (WinIPT) is a project that leverages the new Intel Processor Trace functionality exposed by Windows 10 Redstone 5 (1809), through a set of libraries and a command-line tool.
Debug Recipes (⭐ 321): My notes collected while debugging various problems in .NET and native applications.
Imonitorsdk (⭐ 302): System monitoring development kit (sysmon, promon, EDR, endpoint security, host security, zero trust, internet access behavior management)
Evtx Etw Resources (⭐ 299): Event Tracing For Windows (ETW) Resources
Etwprocessmon2 (⭐ 251): ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Pywintrace (⭐ 245): ETW Python Library
Intelseapi (⭐ 198): IntelSEAPI
Sealighter (⭐ 189): Sysmon-Like research tool for ETW
Etwhash (⭐ 182): C# POC to extract NetNTLMv1/v2 hashes from ETW provider
Windows10etwevents (⭐ 174): Events from all manifest-based and mof-based ETW providers across Windows 10 versions
Meterpreter_payload_detection (⭐ 154): Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
Clrevents (⭐ 144): Source code based on TraceEvent to listen to CLR events at runtime
Perfit (⭐ 126): Performance Monitoring and instrumentation for .NET (4.52+ and Core)
Etwstream (⭐ 119): Logs are event streams. EtwStream provides In-Process and Out-of-Process ObservableEventListener. Everything can compose and output to anywhere by Reactive Extensions.
Etrace (⭐ 113): Command-line tool for ETW tracing on files and real-time events
Ruxcon2016etw (⭐ 111): Ruxcon2016 POC Code
Postsharp.samples (⭐ 110): PostSharp Samples
Syncmlviewer (⭐ 106): A small real time SyncML protocol Viewer
Applicationinsights Dotnet Logging (⭐ 104): .NET Logging adaptors
Tracespy (⭐ 100): TraceSpy is a pure .NET, 100% free and open source, alternative to the very popular SysInternals DebugView tool.
Psdiscoveryprotocol (⭐ 97): Capture and parse CDP and LLDP packets on local or remote computers
Eventsourceproxy (⭐ 95): EventSourceProxy (ESP) is the easiest way to add scalable Event Tracing for Windows (ETW) logging to your .NET program
Dotnet Netrace (⭐ 92): Collects network traces of .NET applications.
Etwanalyzer (⭐ 91): Command line tool to analyze one/many ETW file/s with simple queries for common issues.
Powerkrabsetw (⭐ 90): PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.
Microsoft.diagnostics.tracing.logging (⭐ 81): .NET library for logging data via EventSource/ETW
Lazycopy (⭐ 76): NTFS minifilter driver that can download file content from a remote location when it is opened for the first time.
Rust_win_etw (⭐ 75): Allows Rust code to log events to ETW
Tamperetw (⭐ 73): PoC to demonstrate how CLR ETW events can be tampered with.
Etw2json (⭐ 71): Tool and library to convert ETW logs to JSON files
Optick Rs (⭐ 68): Optick for Rust
Sawbuck (⭐ 64): Automatically exported from code.google.com/p/sawbuck
Kqltools (⭐ 61): A command line tool to explore real-time streams of events.
Classic (⭐ 59): Serilog web request logging and enrichment for classic ASP.NET applications
Etwconsumernt (⭐ 58): Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
Etwprof (⭐ 58): Sampling profiler for native applications on Windows, based on ETW
Etl Parser (⭐ 57): Event Trace Log file parser in pure Python
Inmemorynet (⭐ 55): Exploring in-memory execution of .NET
Etwbreaker (⭐ 48): An IDA plugin to deal with Event Tracing for Windows (ETW)
Psalander (⭐ 47)
Ferrisetw (⭐ 45): Basically a KrabsETW rip-off written in Rust
Blocketw (⭐ 44): .Net Assembly to block ETW telemetry in current process
Livestacks (⭐ 42): Collect, aggregate, and display live stack traces for ETW events, including CPU sampling, of native and .NET processes.
Prune (⭐ 40): Logs key Windows process performance metrics. #nsacyber
Bof Patchit (⭐ 37): An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are available.
Npetw (⭐ 36): Named pipe I/O ETW provider for Windows
Etwng (⭐ 31): Next Generation Modding Tools for Empire Total War (and other Total War games)
Powershellmethodauditor (⭐ 31): PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.
Etwrealtime (⭐ 31): Example of real-time Windows ETW packet capture session
Pointmixup (⭐ 30): Implementation for paper "PointMixup: Augmentation for Point Cloud". Accepted to ECCV 2020 as spotlight presentation
Nativeleakdetector (⭐ 29): Win32 memory leak detector with ETW
Tracelogging (⭐ 28): TraceLogging events and tracing
Pstrace (⭐ 27): Trace ScriptBlock execution for powershell v2
Etwnetmonv3 (⭐ 27): ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Etwkeylogger_pse (⭐ 26): PowerShell Empire module for logging USB keystrokes via ETW
Splunk Library Dotnetlogging (⭐ 24): Support for logging from .NET Tracing and ETW / Semantic Logging ApplicationBlock to Splunk.
Oppat (⭐ 23): Open Power Performance Analysis Tool
Insecurepowershellhost (⭐ 22): InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features removed.
Splunk Etw (⭐ 21): A Splunk Technology Add-on to forward filtered ETW events.
Iis Etw Tracing (⭐ 20): IIS 8.5 ETW Tracing
Windowsperformance (⭐ 20): Various Windows Performance files, scripts, settings and documents
Etw (⭐ 20): Go library for ETW (Event Tracing for Windows) events processing
How To Write A Memory Profiler (⭐ 19): CppCon 2019 Talk: slides and source code
Etwlisticle (⭐ 16): List the ETW provider(s) in the registration table of a process.
Winlogszero2hero (⭐ 15): This is a repository from Adam Swan's and my presentation on Windows Logs Zero 2 Hero.
Ta_etw (⭐ 14): Splunk Technology Add-On (TA) for collecting ETW events from Windows systems
Unhookingdll (⭐ 13): This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing
Eventsourcegenerator (⭐ 13): A Visual Studio extension that provides a CustomTool that generates the implementation of an EventSource based on an abstract class definition.
Slab Sinks (⭐ 13): Semantic Logging Application Block Sinks
Dtrace Etw (⭐ 13): DTrace for Windows in userspace; Frontend to ETW
Pywindowsthingies (⭐ 13): Windows Thingies in Python for live use.
Sleepmask_patchlesshook (⭐ 12): Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
Etwperformanceprofiler (⭐ 12): Dynamics NAV Application Profiler
Nlog.etw (⭐ 12): NLog Target for Event Tracing for Windows (ETW)
Etwflamegraph (⭐ 12): Tool to generate Flamegraphs from etl files
Thor Client (⭐ 11): An ETW EventSource Tracing Core built on .Net Standard 2.0
Et4w (⭐ 11): Generate C# ETW EventSource classes from JSON event specifications using T4
Etw Providers Docs (⭐ 10): Document ETW providers
Xunit.benchmark (⭐ 10): Benchmarking extension for xunit.net
Etwsplitter (⭐ 10): Split Event Tracing for Windows Files Into Smaller Pieces
Remotepatcher (⭐ 9): Patch AMSI and ETW in remote process via direct syscall
Windows Imports Searcher (⭐ 8): Support Windows OS Reversing by searching easily for references to functions across many DLLs
Thor Generator (⭐ 8): An Event Tracing for Windows (ETW) EventSource generator built on .Net Core 2.0
Typescript Etw (⭐ 8): Native ETW logging Node.js module for TypeScript projects
Paint (⭐ 7): ETW version of PAINT (Process Attribution In Network Traffic)
Naic_reid_challenge (⭐ 7): The first "National Artificial Intelligence Competition" (Pedestrian Re-identification / Person ReID track)
Logstash Windows Eventlog (⭐ 7): An input plugin for Logstash which supports the newer ETW logging format.
Damonmohammadbagher.github.io (⭐ 7)
Etw Dns (⭐ 7): A simple example application to collect DNS queries logs using etw-api
Go Windows Service Etw (⭐ 6): A simple Windows service with ETW support using external DLL.
Event Trace Kit (⭐ 6): Visual Studio Extension and tools to ease development using Event Tracing for Windows (ETW).
1-100 of 108 search results
Copyright 2018-2024 Awesome Open Source. All rights reserved.