Skip to content

Basically a KrabsETW rip-off written in Rust

License

Notifications You must be signed in to change notification settings

jonasmartin/ferrisetw

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

FerrisETW 🦀

This crate provides safe Rust abstractions over the ETW consumer APIs.

It started as a KrabsETW rip-off written in Rust (hence the name Ferris 🦀). All credits go to the team at Microsoft who develop KrabsEtw, without it, this project probably wouldn't be a thing.
Since version 1.0, the API and internal architecture of this crate is slightly diverging from krabsetw, so that it is more Rust-idiomatic.

Examples

You can find a examples within the crate documentation on doc.rs, as well as the examples and the tests folders.

If you are familiar with KrabsETW you'll see that is very similar. In case you've never used KrabsETW before, the examples are very straight forward and should be easy to follow. If you have any issues don't hesitate in asking.

Documentation

This crate is documented at docs.rs.

Notes

  • The project is still WIP. Feel free to report bugs, issues, feature requests, etc. Of course, contributing will be happily accepted!

  • The types available for parsing are those that implement the trait TryParse for Parser, basic types are already implemented. In the near future I'll add more :)

  • I tried to keep dependencies as minimal as possible, also you'll see I went with the new windows-rs instead of using the winapi. This is a personal decision mainly because I believe the Windows bindings is going to be the "standard" to interact with the Windows API in the near future.

Acknowledgments

  • First of all, the team at MS who develop KrabsETW!!
  • Shaddy for, pretty much, teaching me all the Rust I know 😃
  • n4r1b for creating this great crate
  • daladim for adding even more features

About

Basically a KrabsETW rip-off written in Rust

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Rust 100.0%