Winshark

ETW decoder

A Wireshark plugin for instrumenting Event Tracing for Windows

A wireshark plugin to instrument ETW

537 stars

28 watching

59 forks

Language: Lua

last commit: about 3 years ago

etwpcapwireshark

Related projects:

Repository	Description	Stars
airbus-cert/regrippy	A Python-based framework for reading and extracting forensics data from Windows registry hives	188
roddypratt/tslumd-wireshark	Wireshark dissector for decoding TSL UMD protocol packets in network traffic	5
airbus-cert/ttddbg	A plugin for IDA Pro that allows time travel debugging and supports loading of WinDBG Preview traces	553
jdu2600/windows10etwevents	Collects and analyzes Windows 10 event tracing data from various providers across different versions.	275
airbus-cert/dnyara	A .Net wrapper library for the native Yara library to quickly identify and classify malware samples.	38
airbus-cert/comida	An IDA plugin to analyze COM module usage and infer types for easier analysis.	199
sasa1977/site_encrypt	A library for automatic SSL/TLS certificate management in Elixir web applications	474
psi-4ward/asksinanalyzerxs	An analyzer tool for decoding and processing radio telegrams in HomeMatic environments	48
chugr/adverb	Tools for distilling and displaying network trace data in an interactive web page format	12
ctron/yew-oauth2	An OAuth2 component for Yew web applications.	45
flyq/ecdsa_poc	An educational proof-of-concept demonstrating the verification of ECDSA signatures using a custom-built backend in Motoko language	0
cert-polska/n6	A system to collect and manage security information on a large scale.	124
eth0izzle/bucket-stream	Tools to identify publicly accessible S3 buckets by monitoring certificate transparency logs.	1,756
olliw42/otxtelemetry	Provides MAVLink telemetry capabilities to OpenTx autopilot systems	38
boku7/injectetwbypass	Tool to bypass ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall	276