Quantopy Windows Module
Collects and securely sends detailed data about Windows sessions for automated analysis. The core is written in C#, while some parts are written as native DLLs for finer control and efficiency. The data is queried through a lot of Windows internal mechanisms, such as WMI, COM and standard Win32 API calls.
One unsettling takeaway from this project was how much data you can collect on Windows when running as a normal unprivileged app. Basically anything you can imagine and more!