1 result found
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
etw
blueteam
imageloads
memory-scanner
thread-monitor
memory-scanning
tcpip-monitoring
payload-detection
processmonitoring
realtime-monitoring
technique-detection
detection-etw-events
meterpreter-detection
cobaltstrike-detection
threat-hunting-via-etw
remote-thread-injection
threat-hunting-via-sysmon
malicious-traffic-detection
memory-scanner-by-etw-events
virtualmemallocation-detection
Created 2021-07-08
1,247 commits to main branch, last one 7 months ago