System monitoring development kit (sysmon, procmon, EDR, endpoint security, host security, zero trust, internet usage management, sandbox)
Updated May 27, 2024 - C++
Forward ETW events for centralized collection and analysis.
Command line tool to analyze one or many ETW files with simple queries for common issues.
C/C++ Performance Profiler
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
TraceLogging events and tracing
NLog Target for Event Tracing for Windows (ETW)
.NET 7 Windows Event Tracing wrapper library
Various Windows Performance files, scripts, settings and documents
ETWProcessMon2 monitors process, thread, memory, image-load and TCP/IP activity via ETW, and adds detection of remote thread injection and in-memory payloads based on VirtualMemAlloc events, among others.
A small real time SyncML protocol Viewer
Library to monitor process starts and stops on Windows powered by C#
This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hollowing
Command line tracing tool for Windows, based on ETW.
Auditing tool that uses ETW to try and keep bad actors out