Add: boku7/injectEtwBypass to Defense Evasion section

2025-01-05 21:10:53 -05:00 · 2021-09-26 15:10:45 +07:00 · 2021-09-26 15:10:45 +07:00 · fac6bea46d
commit fac6bea46d
parent e561e38915
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1129,6 +1129,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/boku7/injectAmsiBypass">boku7/injectAmsiBypass</a></td>
        <td>Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/boku7/injectEtwBypass?s=09">boku7/injectEtwBypass</a></td>
+        <td>CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/br-sn/CheekyBlinder">br-sn/CheekyBlinder</a></td>
        <td>Enumerating and removing kernel callbacks using signed vulnerable drivers</td>