Top 11 etw open source projects

C/C++ Performance Profiler

✭ 2,291

C++c python CMake shell Starlark performance profiler instrumentation visualizer hooking etw sampling dynamic-instrumentation cpu-profiler

ETWProcessMon2

ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

✭ 55

C#detection etw blueteam realtime-monitoring defenders remote-thread-injection processmonitoring tcpip-monitoring thread-monitor imageloads

PSDiscoveryProtocol

Capture and parse CDP and LLDP packets on local or remote computers

✭ 59

powershell parse cisco capture packet etw lldp cdp

ETW2JSON

Tool and library to convert ETW logs to JSON files

✭ 66

C#json etl etw eventsource

PRUNE

Logs key Windows process performance metrics. #nsacyber

✭ 56

C#c Roff powershell windows performance process performance-metrics etw

EVTX-ETW-Resources

Event Tracing For Windows (ETW) Resources

✭ 142

windows detection logging tracing etw windows10 event-tracing-for-windows windows11

PSTrace

Trace ScriptBlock execution for powershell v2

✭ 38

c C#CMake incident-response forensics dfir etw

ferrisetw

Basically a KrabsETW rip-off written in Rust

✭ 22

rust microsoft windows tracing etw

ETWNetMonv3

ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

✭ 32

C#detection etw threat-hunting csharp-code meterpreter defensive blueteam blue-team networkmonitor tcpview etw-monitoring-threads defensivetool tcpv4

Splunk-ETW

A Splunk Technology Add-on to forward filtered ETW events.

✭ 26

C#CMake ruby windows dfir etw splunk-addon

TA ETW

Splunk Technology Add-On (TA) for collecting ETW events from Windows systems

✭ 17

C#ruby splunk etw

1-11 of 11 etw projects