EvtMute - Filter Events Being Reported By Windows Event Logging
EvtMute - Apply A Filter To The Events Being Reported By Windows Event Logging #Apply #C2Framework #Event #Events
This is a tool that allows you to offensively use YARA to apply a filter to the events being reported by windows event logging. Usage Grap the latest verison from here. EvtMuteHook.dll contains the core functionality, once it is injected it will apply a temporary filter which will allow all events to be reported, this filter can be dynamically updated without having to reinject. I’ve written…
View On WordPress








