inosec2 / etwpatching
This project forked from askyeye/etwpatching
Patches Event Tracing for Windows by overwriting the "call ntdll!EtwpEventWriteFull" instruction inside ntdll!EtwEventWrite; the patched call is the one that does the actual event writing.