#

etw

Here are 63 public repositories matching this topic...

google / orbit

C/C++ Performance Profiler

performance profiler instrumentation visualizer etw sampling hooking dynamic-instrumentation cpu-profiler

Updated Apr 1, 2022
C++

lowleveldesign / wtrace

Command line tracing tool for Windows, based on ETW.

trace diagnostics etw profiling strace

Updated Mar 18, 2022
C#

airbus-cert / Winshark

A wireshark plugin to instrument ETW

pcap wireshark etw

Updated Jan 28, 2022
Lua

microsoft / krabsetw

KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.

wrapper nuget-packages etw krabs

Updated Oct 8, 2021
C++

lowleveldesign / debug-recipes

My notes collected while debugging various problems in .NET applications.

debugging etw windbg profiling

Updated Feb 18, 2022
ASP.NET

fireeye / pywintrace

ETW Python Library

Updated Aug 1, 2019
Python

DamonMohammadbagher / Meterpreter_Payload_Detection

Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool

mpd signature etw meterpreter thread-injection meterpreter-payload-detection meterpreter-detection thread-injection-detection etwmonthread etw-monitoring-threads meterpreter-signature

Updated Jul 2, 2021
C#

wecooperate / iMonitorSDK

系统监控开发套件（sysmon、promon、edr、终端安全、主机安全、零信任、上网行为管理）

security kernel etw defender sysmon access-control procmon monitoring-tool zero-trust edr endpoint-security

Updated Mar 25, 2022
C++

nasbench / EVTX-ETW-Resources

Event Tracing For Windows (ETW) Resources

windows detection logging tracing etw windows10 event-tracing-for-windows windows11

Updated Mar 19, 2022

microsoft / ApplicationInsights-dotnet-logging

.NET Logging adaptors

sdk monitoring azure application-insights logging telemetry etw eventsource nlog log4net

Updated Oct 31, 2019
C#

wbenny / EtwConsumerNT

Simple project that demonstrates how an ETW consumer can be created just by using NTDLL

etw ntdll nttracecontrol

Updated Feb 23, 2019
C++

lowleveldesign / dotnet-netrace

Collects network traces of .NET applications.

dotnet network dotnet-core diagnostics etw

Updated Jul 2, 2021
C#

repnz / etw-providers-docs

Document ETW providers

Updated Mar 28, 2020
C

huoji120 / MakeInfinityHookGreatAgain

让Etwhook再次伟大! Make InfinityHook Great Again!

Updated Jun 24, 2021
C++

DamonMohammadbagher / ETWProcessMon2

ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

detection etw blueteam memory-scanner realtime-monitoring defenders remote-thread-injection processmonitoring meterpreter-detection tcpip-monitoring thread-monitor imageloads techniquedetection payloaddetection malicious-traffic-detection detection-etw-events virtualmemallocation-detection memory-scanner-by-etw-events threat-hunting-via-etw threat-hunting-via-sysmon

Updated Apr 1, 2022
C#

lahell / PSDiscoveryProtocol

Capture and parse CDP and LLDP packets on local or remote computers

parse cisco powershell capture packet etw lldp cdp

Updated Nov 4, 2021
PowerShell

microsoft / ETW2JSON

Tool and library to convert ETW logs to JSON files

json etl etw eventsource

Updated Jan 9, 2020
C#

nsacyber / PRUNE

Logs key Windows process performance metrics. #nsacyber

windows performance process performance-metrics etw

Updated May 3, 2021
C#

airbus-cert / etwbreaker

An IDA plugin to deal with Event Tracing for Windows (ETW)

Updated Jun 2, 2020
Python

airbus-cert / PSTrace

Trace ScriptBlock execution for powershell v2

powershell incident-response forensics dfir etw

Updated Jan 14, 2020
C

bi-zone / etw

Go library for ETW (Event Tracing for Windows) events processing

go golang etw event-tracing-for-windows

Updated Jul 11, 2021
Go

Donpedro13 / etwprof

Open

Timeouts for profiling

Donpedro13 commented Jun 21, 2018

Currently, profiling can end because of two “triggers” (not considering errors):

The target process exits
It’s stopped explicitly (with CTRL+C)

Point 1.) is achieved with waiting on the target process’ HANDLE, and explicitly stopping the profiler, when the object gets signaled.

Point 2.) is dealt with using a Console Control Handler.

It would be useful to introduce another mechani

Read more

good first issue feature difficulty:easy automation

AviAvni / NativeLeakDetector

Win32 memory leak detector with ETW

native memory etw leak

Updated Jan 5, 2018
C#

DamonMohammadbagher / ETWNetMonv3

ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

detection etw threat-hunting csharp-code meterpreter defensive blueteam blue-team networkmonitor tcpview etw-monitoring-threads defensivetool tcpv4

Updated Feb 7, 2022
C#

airbus-cert / Splunk-ETW

A Splunk Technology Add-on to forward filtered ETW events.

windows dfir etw splunk-addon

Updated Oct 14, 2020
C#

patinnc / oppat

Open Power Performance Analysis Tool

windows linux monitoring processor energy-monitor perf tracing power flamegraph performance-visualization etw performance-analysis monitor-performance performance-monitoring processor-counter-monitor cpu-monitoring tracing-binaries trace-cmd xperf perf-events

Updated Jan 27, 2022
C++

n4r1b / ferrisetw

Basically a KrabsETW rip-off written in Rust

microsoft windows rust tracing etw

Updated Oct 28, 2021
Rust

vector-sec / TA_ETW

Splunk Technology Add-On (TA) for collecting ETW events from Windows systems

Updated Sep 14, 2020
C#

Siemens-Healthineers / ETWAnalyzer

Command line tool to analyze one/many ETW file/s with simple queries for common issues.

etw traceprocessing

Updated Apr 1, 2022
C#

NLog / NLog.Etw

Log to Event Tracing for Windows (ETW)

etw nlog nlog-target netstandard20

Updated Aug 31, 2019
C#

Improve this page

Add a description, image, and links to the etw topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the etw topic, visit your repo's landing page and select "manage topics."