The Branch Monitor is a framework based in the Branch Trace Store (BTS) feature present in modern Intel’s processor to collect execution metadata to allow malware analysis in a stealth manner. The Branch Monitor framework can work as a malware tracer, as a debugger and as a Return-Oriented-Programming (ROP) attack detector, according user’s needs. Branch monitor is implemented as a kernel driver for Windows 8 and it is source code is fully available. Check it out!