ETWNetMonv3 is simple C# code for monitoring TCP network connections via ETW. ETWProcessMon/2 monitors Process/Thread/Memory/Imageloads/TCPIP events via ETW, and adds detection of Remote-Thread-Injection and payload detection by VirtualMemAlloc events (in-memory), etc.
detection
etw
threat-hunting
csharp-code
meterpreter
defensive
blueteam
blue-team
networkmonitor
tcpview
etw-monitoring-threads
defensivetool
tcpv4
Updated Jun 6, 2023 - C#