├── .github
│   └── workflows
│       └── test.yml
├── .gitignore
├── LICENSE.txt
├── README.md
├── docs
│   └── Event_Tracing_for_Windows_Internals.pdf
├── patch
│   ├── extensions_init.patch
│   └── windows_init.patch
├── plugins
│   └── etwscan.py
├── setup.sh
└── volatility3
    └── volatility3
        └── framework
            └── symbols
                └── windows
                    ├── __init__.py
                    └── extensions
                        └── __init__.py

/.github/workflows/test.yml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/.github/workflows/test.yml
--------------------------------------------------------------------------------

/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/.gitignore
--------------------------------------------------------------------------------

/LICENSE.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/LICENSE.txt
--------------------------------------------------------------------------------

/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/README.md
--------------------------------------------------------------------------------

/docs/Event_Tracing_for_Windows_Internals.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/docs/Event_Tracing_for_Windows_Internals.pdf
--------------------------------------------------------------------------------

/patch/extensions_init.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/patch/extensions_init.patch
--------------------------------------------------------------------------------

/patch/windows_init.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/patch/windows_init.patch
--------------------------------------------------------------------------------

/plugins/etwscan.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/plugins/etwscan.py
--------------------------------------------------------------------------------

/setup.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/setup.sh
--------------------------------------------------------------------------------

/volatility3/volatility3/framework/symbols/windows/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/volatility3/volatility3/framework/symbols/windows/__init__.py
--------------------------------------------------------------------------------

/volatility3/volatility3/framework/symbols/windows/extensions/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JPCERTCC/etw-scan/HEAD/volatility3/volatility3/framework/symbols/windows/extensions/__init__.py
--------------------------------------------------------------------------------