Nytro
Posted April 15, 2020

Ghost In The Logs

This tool allows you to evade Sysmon and Windows event logging; my blog post about it can be found here.

Usage

You can grab the latest release here.

Starting off

Once you've got the latest version, execute it with no arguments to see the available commands:

$ gitl.exe

Loading the hook

$ gitl.exe load

Enabling the hook (disabling all logging)

$ gitl.exe enable

Disabling the hook (enabling all logging)

$ gitl.exe disable

Get status of the hook

$ gitl.exe status

Prerequisites

High integrity administrator privileges

Credits

Huge thanks to:
hfiref0x for the amazing KDU
everdox for the super cool InfinityHook

Source: https://github.com/bats3c/ghost-in-the-logs/