Add: outflanknl/TamperETW to Defense Evasion section

2025-01-05 13:00:49 -05:00 · 2021-09-01 19:40:58 +07:00 · 2021-09-01 19:40:58 +07:00 · 3deb5271ee
commit 3deb5271ee
parent e40639b5da
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1256,6 +1256,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/OsandaMalith/PE2HTML">OsandaMalith/PE2HTML</a></td>
        <td>Injects HTML/PHP/ASP to the PE</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/outflanknl/TamperETW">outflanknl/TamperETW</a></td>
+        <td>PoC to demonstrate how CLR ETW events can be tampered.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/peewpw/Invoke-PSImage">peewpw/Invoke-PSImage</a></td>
        <td>Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute</td>