Bypass Event Tracing for Windows (ETW) and unhook ntdll.
Updated Sep 29, 2023 - C
A proof-of-concept ETW consumer that captures userland events in real time, displays them, and saves them to an .etl file.