
Author: driverenok

Blinding Sysmon completely: Manipulating ETW objects to evade monitoring
Security

17.04.2025 | 17/04/2025 | driverenok | 570
Immediately after getting access to the target system, the attacker tries to disable its audit tools to remain undetected as long as possible. In this article, I will explain how to blind Windows monitoring tools by manipulating the Event Tracing for Windows (ETW) subsystem.
Blinding Sysmon: How to disable Windows monitoring in a covert way
Security

27.02.2025 | 08/04/2025 | driverenok | 611
Immediately after getting access to the target system, the attacker tries to blind its audit tools to remain undetected as long as possible. In this article, I will explain how to blind Sysmon in a covert way, making it possible to fool the regular Windows audit.…
HackMag — Top-notch cybersecurity magazine © 2025
Support: support@hackmag.com