Version 0.3

I made it work. After this, i make it nice.

• More robust ETW events by switching to KrabsETW
• More robust ntdll.dll hooking by patching all the bugs
• Way less crashes
• The JSON format has somewhat stabilized
• Reliable callstack addresses memory info
• Basic ETW detections
• Tested with some C2

Version 0.2

• Better detections
• example malware
• DLL callstack more reliable
• better event log JSON
• improved HTML UI
• fix PPL autostart
• ability to change process name to trace
• fix various bugs

Initial Version 0.1

Initial release for testing purposes
All should work. Should.