File tree Expand file tree Collapse file tree 1 file changed +34
-0
lines changed
Expand file tree Collapse file tree 1 file changed +34
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ Name : XBootMgr.exe
3+ Description : Windows Performance Toolkit binary used to start performance traces.
4+ Author : Avihay Eldad
5+ Created : 2025-07-10
6+ Commands :
7+ - Command : xbootmgr.exe -trace "{boot|hibernate|standby|shutdown|rebootCycle}" -callBack {PATH:.exe}
8+ Description : Executes an executable after the trace is complete using the callBack parameter.
9+ Usecase : Executes code as part of post-trace automation flow.
10+ Category : Execute
11+ Privileges : Administrator
12+ MitreID : T1202
13+ OperatingSystem : Windows
14+ Tags :
15+ - Execute : EXE
16+ - Command : xbootmgr.exe -trace "{boot|hibernate|standby|shutdown|rebootCycle}" -preTraceCmd {PATH:.exe}
17+ Description : Executes an executable before each trace run using the preTraceCmd parameter.
18+ Usecase : Executes code as part of pre-trace automation or staging.
19+ Category : Execute
20+ Privileges : Administrator
21+ MitreID : T1202
22+ OperatingSystem : Windows
23+ Tags :
24+ - Execute : EXE
25+ Full_Path :
26+ - Path : C:\Program Files\Windows Kits\10\Windows Performance Toolkit\xbootmgr.exe
27+ - Path : C:\Program Files (x86)\Windows Kits\10\Windows Performance Toolkit\xbootmgr.exe
28+ Resources :
29+ - Link : https://learn.microsoft.com/en-us/previous-versions/windows/desktop/xperf/reference
30+ Acknowledgement :
31+ - Person : Avihay Eldad
32+ Handle : ' @AvihayEldad'
33+ - Person : Tommy Warren
34+ ---
You can’t perform that action at this time.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments