Giters

unkvolism / Fuck-Etw

Bypass the Event Trace Windows(ETW) and unhook ntdll.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

etw-evasionevasionmalwarentdll-unhookingred-team

「⚙️」Bypass ETW & Ntdll Unhooking

Bypass the Event Trace Windows(ETW) and unhook ntdll.

         _______           _______  _        _______ _________
        (  ____ \|\     /|(  ____ \| \    /\(  ____ \\__   __/|\     /|
        | (    \/| )   ( || (    \/|  \  / /| (    \/   ) (   | )   ( |
        | (__    | |   | || |      |  (_/ / | (__       | |   | | _ | |
        |  __)   | |   | || |      |   _ (  |  __)      | |   | |( )| |
        | (      | |   | || |      |  ( \ \ | (         | |   | || || |
        | )      | (___) || (____/\|  /  \ \| (____/\   | |   | () () |
        |/       (_______)(_______/|_/    \/(_______/   )_(   (_______)

                                [Made by sorahed]
                                        [v1.0]



[i] Hooked Ntdll Base Address : 0x00007FFA9A110000
[i] Unhooked Ntdll Base Address: 0x00007FF7C970F000

[+] PID Of The Current Proccess: [1956]

[#] Ready For ETW Patch.
[+] Press <Enter> To Patch ETW ...


[+] ETW Patched, No Logs No Crime !

About

Bypass the Event Trace Windows(ETW) and unhook ntdll.

etw-evasionevasionmalwarentdll-unhookingred-team

Languages

Language:C 76.6%Language:C++ 23.4%