Topic: "detection-etw-events"
DamonMohammadbagher/ETWProcessMon2
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Language: C# - Size: 35 MB - Last synced at: 24 days ago - Pushed at: about 1 year ago - Stars: 300 - Forks: 69

Related Topics
blueteam (1)
cobaltstrike-detection (1)
etw (1)
imageloads (1)
malicious-traffic-detection (1)
memory-scanner (1)
memory-scanner-by-etw-events (1)
memory-scanning (1)
meterpreter-detection (1)
payload-detection (1)
processmonitoring (1)
realtime-monitoring (1)
remote-thread-injection (1)
tcpip-monitoring (1)
technique-detection (1)
thread-monitor (1)
threat-hunting-via-etw (1)
threat-hunting-via-sysmon (1)
virtualmemallocation-detection (1)