SkillAgent Search skills...⌘K

EtwSessionHijacking

A Poc on blocking Procmon from monitoring network events

Generate Convert Improve

Install / Use

/learn @NUL0x4C/EtwSessionHijacking

About this skill

Quality Score

0/100

Category

Supported Platforms

Universal

README

EtwSessionHijacking: A Poc on blocking Procmon from monitoring network events

<br> <br>

Demo:

https://user-images.githubusercontent.com/111295429/186082150-32ed304b-ba45-42a4-8baa-37dd75246c68.mp4

<br>

Based On : Design Issues Of Modern EDRs: Bypassing ETW-Based Solutions

NUL0x4C

View profile

GitHub Stars111

CategoryOperations

Updated18d ago

Forks14

NUL0x4C/EtwSessionHijacking

Languages

C++

Security Score

95/100

Audited on Mar 10, 2026

No findings