ETWProcessMon2 monitors Process/Thread/Memory/Imageloads/TCPIP activity via ETW, with detection for Remote-Thread-Injection and in-memory payload detection by VirtualMemAlloc events, etc.
etw
memory-scanning
blueteam
memory-scanner
realtime-monitoring
remote-thread-injection
processmonitoring
meterpreter-detection
tcpip-monitoring
thread-monitor
imageloads
malicious-traffic-detection
detection-etw-events
virtualmemallocation-detection
memory-scanner-by-etw-events
threat-hunting-via-etw
threat-hunting-via-sysmon
cobaltstrike-detection
payload-detection
technique-detection
Updated Mar 20, 2024 - C#