C/C++ Performance Profiler
-
Updated
Sep 26, 2024 - C++
C/C++ Performance Profiler
Adversary tradecraft detection, protection, and hunting
Command line tracing tool for Windows, based on ETW.
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
The world's most powerful System Activity Monitor Engine · 一款功能强大的终端行为采集防御开发套件 ~ 旨在帮助EDR、零信任、数据安全、审计管控等终端安全软件可以快速实现产品功能, 而不用关心底层驱动的开发、维护和兼容性问题,让其可以专注于业务开发
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
C# POC to extract NetNTLMv1/v2 hashes from ETW provider
Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
A small real time SyncML protocol Viewer