etw-evasion
There are 6 repositories under the etw-evasion topic.
unkvolism/Fuck-Etw
Bypass the Event Trace Windows (ETW) and unhook ntdll.
EvilBytecode/Lifetime-Amsi-EtwPatch
Two in one, patch lifetime PowerShell console, no more ETW and AMSI!
EvilBytecode/ETW-Patch
Code snippet provided demonstrates how to patch the EtwEventWrite function in the ntdll.dll library on Windows using CGO (C Go).
0xflux/ETW-Bypass-Rust
Event Tracing for Windows EDR bypass in Rust
Chainski/Lifetime-Amsi-EtwPatch
Loads a C# binary in memory within PowerShell profile, patching AMSI + ETW.
Gurpreet06/ETW-Patcher
Bypassing Event Tracing for Windows (ETW) with CSharp