Fibratus

Fibratus is a tool which is able to capture the most of the Windows kernel activity - process/thread creation and termination, file system I/O, registry, network activity, DLL loading/unloading and much more. Fibratus has a very simple CLI which encapsulates the machinery to start the kernel event stream collector, set kernel event filters or run the lightweight Python modules called filaments. You can use filaments to extend Fibratus with your own arsenal of tools.

Requirements

Python 3.4
Visual C++ 2012 or above
Cython >=0.23.4

Installation

Install via the pip package manager:

pip install fibratus

Documentation

See the wiki.

Support

If you want to support Fibratus, please consider a donation.

Name		Name	Last commit message	Last commit date
Latest commit History 353 Commits
fibratus		fibratus
filaments		filaments
kstream		kstream
static		static
tests		tests
.gitignore		.gitignore
.landscape.yml		.landscape.yml
LICENSE.MD		LICENSE.MD
MANIFEST.in		MANIFEST.in
README.md		README.md
appveyor.yml		appveyor.yml
fibratus.yml		fibratus.yml
requirements.txt		requirements.txt
setup.py		setup.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Fibratus

Requirements

Installation

Documentation

Support

About

Releases

Packages

Languages

License

jhatch28/fibratus

Folders and files

Latest commit

History

Repository files navigation

Fibratus

Requirements

Installation

Documentation

Support

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages