TLGMapper: An IDA Pro script that parses TraceLogging metadata embedded in x64 PE binaries and resolves each event to its owning ETW provider and the function that fires it.

github.com

TLGMapper: An IDA Pro script that parses TraceLogging metadata embedded in x64 PE binaries and resolves each event to its owning ETW provider and the function that fires it.

github.com

digicat@infosec.pubM to

blueteamsec@infosec.pubEnglish · 21 days ago

GitHub - AsuNa-jp/TLGMapper

github.com

Contribute to AsuNa-jp/TLGMapper development by creating an account on GitHub.

You must log in or # to comment.

Chat

blueteamsec@infosec.pub

Create a post

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !blueteamsec@infosec.pub

For [Blue|Purple] Teams in Cyber Defence - covering discovery, detection, response, threat intelligence, malware, offensive tradecraft and tooling, deception, reverse engineering etc.

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

13 users / day
93 users / week
343 users / month
1.04K users / 6 months
1 local subscriber
721 subscribers
3.38K Posts
255 Comments
Modlog

mods:
digicat@infosec.pub