SEKTOR7 Institute (@sektor7net)'s Twitter Profile
SEKTOR7 Institute

@sektor7net

Homo Aptus.
Vincit qui se vincit - Publilius Syrus.
Consulting, Training, Technology, Cyber domain, and more...
@x33fcon founder.

ID: 1120035459739136001

Link: https://institute.sektor7.net | Date: 21-04-2019 18:43:57

1,1K Tweet

13,13K Followers

354 Following

Another way to circumvent ETW logging the SetThreadContext() calls - use NtContinue()/ZwContinue() instead. Calling thread can change its CONTEXT, including debug registers. This can be used in any patchless hooking, also as an AMSI bypass. A post by Rad Kawar (Rad). Well
