UtilDebugBypassEventTracing Method
Patch the EtwEventWrite function in ntdll.dll file to bypass event tracing.
Namespace: DevCase.Core.Diagnostics.Debugging.CommonAssembly: DevCase.net48 (in DevCase.net48.dll) Version: 6.0.0.0 (6.0)
XMLNS for XAML: Not mapped to an xmlns.
public static void BypassEventTracing()
Public Shared Sub BypassEventTracing
UtilDebug.BypassEventTracing()
public:
static void BypassEventTracing()
static member BypassEventTracing : unit -> unit
No code example is currently available or this language may not be supported.
Code has been adapted from Adam Chester: https://blog.xpnsec.com/hiding-your-dotnet-etw/
and Mythic Atlas: https://github.com/its-a-feature/Mythic/tree/master/Payload_Types/atlas