#
etw
Here are 45 public repositories matching this topic...
Command line tracing tool for Windows, based on ETW.
-
Updated
Oct 15, 2025 - C#
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
game-hacking dynamic-analysis etw malware-analysis malware-research network-analysis sysadmin-tool full-packet-capture windows-event-tracing
-
Updated
Nov 6, 2025 - C#
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
etw memory-scanning blueteam memory-scanner realtime-monitoring remote-thread-injection processmonitoring meterpreter-detection tcpip-monitoring thread-monitor imageloads malicious-traffic-detection detection-etw-events virtualmemallocation-detection memory-scanner-by-etw-events threat-hunting-via-etw threat-hunting-via-sysmon cobaltstrike-detection payload-detection technique-detection
-
Updated
Mar 20, 2024 - C#
C# POC to extract NetNTLMv1/v2 hashes from ETW provider
-
Updated
May 10, 2023 - C#
A small real time SyncML protocol Viewer
-
Updated
Jan 23, 2025 - C#
Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
mpd signature etw meterpreter thread-injection meterpreter-payload-detection meterpreter-detection thread-injection-detection etwmonthread etw-monitoring-threads meterpreter-signature
-
Updated
Jun 5, 2023 - C#
TraceSpy is a pure .NET, 100% free and open source, alternative to the very popular SysInternals DebugView tool.
debugging dotnet uwp wpf logging trace dotnet-core etw asp-net-core error-reporting net-core productivity-tools microsoft-logging microsoft-dependency-injection
-
Updated
Aug 14, 2025 - C#
Command line tool to analyze one/many ETW file/s with simple queries for common issues.
-
Updated
Nov 7, 2025 - C#
.NET Logging adaptors
-
Updated
Oct 12, 2022 - C#
Collects network traces of .NET applications.
-
Updated
Jul 2, 2021 - C#
Logs key Windows process performance metrics. #nsacyber
-
Updated
Dec 8, 2022 - C#
ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
detection etw threat-hunting csharp-code meterpreter defensive blueteam blue-team networkmonitor tcpview etw-monitoring-threads defensivetool tcpv4
-
Updated
Jun 6, 2023 - C#
A Splunk Technology Add-on to forward filtered ETW events.
-
Updated
Oct 14, 2020 - C#
Visual Studio Extension and tools to ease development using Event Tracing for Windows (ETW).
-
Updated
Oct 6, 2020 - C#
Improve this page
Add a description, image, and links to the etw topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the etw topic, visit your repo's landing page and select "manage topics."