Tool for exploration and tracing of the Windows kernel
Project description
Fibratus is a tool which is able to capture the most of the Windows kernel activity - process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and much more. Fibratus has a very simple CLI which encapsulates the machinery to start the kernel event stream collector, set kernel event filters or run the lightweight Python modules called filaments. You can use filaments to extend Fibratus with your own arsenal of tools.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
fibratus-0.6.0.zip
(217.2 kB
view details)
File details
Details for the file fibratus-0.6.0.zip.
File metadata
- Download URL: fibratus-0.6.0.zip
- Upload date:
- Size: 217.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b906cace858bd9329e4ebb15ace7e810c60f5221f104f37e8653a049517c3f68
|
|
| MD5 |
7838ae73147d7782ec2043c5389874a3
|
|
| BLAKE2b-256 |
88d407d917af9fb2bfa027f757a9a60ad04efd8aa7ed430b6f99998a70c25fdf
|
