You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
**Fibratus** is a tool which is able to capture the most of the Windows kernel activity - process/thread creation and termination,
file system I/O, registry, network activity, DLL loading/unloading and much more.
Fibratus has a very simple CLI which encapsulates the machinery to start the kernel event stream collector,
set kernel event filters or run the lightweight Python modules called **filaments**. You can use filaments to extend Fibratus with your own arsenal of tools.
context switches, file system I/O, registry, network activity, DLL loading/unloading and much more. The kernel events can be easly streamed to a number of output sinks like **AMQP** message brokers, **Elasticsearch** clusters or standard output stream.
You can use **filaments** (lightweight Python modules) to extend Fibratus with your own arsenal of tools and so leverage the power of the Python's ecosystem.
