A repository with my/stolen code snippets for research/education purposes :D.
| Snippet Name | Description |
|---|---|
| Patching EtwEventWrite via PInvoke | C# snippet code to pathing Event Tracing for Windows (ETW) via PInvoke. |
| Patching EtwEventWrite via DInvoke | C# snippet code to pathing Event Tracing for Windows (ETW) via DInvoke. |
| Patching AmsiScanBuffer via DInvoke | C# snippet code to pathing Antimalware Scan Interface (AMSI) via DInvoke. |
| Bypass ATP and dump LSASS | Powershell code to bypass Advanced Threat Protection (ATP) and dump the LSASS process. For more details check this post Bypass Windows Defender ATP. |