# rabbitstack/fibratus

2,493 stars · 215 forks · Go · NOASSERTION

## Links

- GitHub: https://github.com/rabbitstack/fibratus
- Homepage: https://www.fibratus.io
- awesome-repositories: https://awesome-repositories.com/repository/rabbitstack-fibratus.md

## Topics

`adversary` `blueteam` `edr` `etw` `golang` `instrumentation` `mitre` `python` `security` `windows` `windows-kernel`

## Description

Adversary tradecraft detection, protection, and hunting

## Tags

### Part of an Awesome List

- [Security Logging and SIEM](https://awesome-repositories.com/f/awesome-lists/data/security-logging-and-siem.md) — Tool for Windows kernel activity exploration and tracing.
- [Forensics Analysis](https://awesome-repositories.com/f/awesome-lists/security/forensics-analysis.md) — Exploration and tracing tool for the Windows kernel.
- [Honeypot Management](https://awesome-repositories.com/f/awesome-lists/security/honeypot-management.md) — Windows kernel exploration and tracing tool.
- [Reverse Engineering](https://awesome-repositories.com/f/awesome-lists/security/reverse-engineering.md) — Explores and traces Windows kernel activity.
- [Windows Evidence Collection](https://awesome-repositories.com/f/awesome-lists/security/windows-evidence-collection.md) — Tool for tracing and exploring the Windows kernel.
- [Windows Security Utilities](https://awesome-repositories.com/f/awesome-lists/security/windows-security-utilities.md) — Traces and explores Windows kernel activities.
