Windows Events Providers Explorer

https://github.com/lallousx86/WinTools/tree/master/WEPExplorer

Background

If you ever have an idea of detecting something in Windows, you must have came across a painful process of finding a relevant event to support your hypothesis. Maybe reading documentation from Microsoft is one of the options but lack of efficiency, right? Until, I found the beauty of WEPexplorer.

Usage

Simply input the provider GUID/name, and select it

Then it return all the available events from the provider. What the most valuable thing is, the Message column gives you the idea of what kind of fields that the particular event provides.

Credit

0xeb https://twitter.com/0xeb

PreviousAtomic Red Team NextFRIDA for iOS app penetration testing

Last updated 4 years ago

Was this helpful?