
Posts by Jonny Johnson

Preview: No Agent, No Problem: Discovering Remote EDR. As the reader, I’m sure you’re thinking — “oh great, another EDR internals or bypass post”. I can fully understand that sentiment, as…

Detailed write-up: jonny-johnson.medium.com/no-agent-no-...

GitHub project "JonMon-Lite": github.com/jonny-jhnson...

10 months ago

Have you ever wondered if there was a way to deploy a "Remote EDR"? Today I'm excited to share research I've been working on for the past couple of months.

This dives into DCOM Interfaces that enable remote ETW trace sessions without dropping an agent to disk.

(Write-up and project link below)

10 months ago

I am happy to announce JonMon2.0 has been published.

2.0 offers a lot of feature updates, as well as stability. More features still to come as time goes on. Enjoy and let me know if you have any issues or questions.

Link: github.com/jsecurity101...

1 year ago

New EtwInspector kinda going hard 👀

1 year ago
Preview: Windows 11 24H2 · Issue #1 · EvanMcBroom/perfect-loader: Hi, will this work in Windows 24H2?

The perfect loader library was updated this week to support changes made on Windows 11 24H2. A big thank you to Jarrod Davis (@tinybiggames.com) for reporting the issue and helping work on a solution!

A full writeup on the issues and fixes can be found here:
github.com/EvanMcBroom/...

1 year ago

Converted Matt Graeber's TraceLogging PS script into C# for the new EtwInspector.
gist.github.com/mattifestati...

Working quite well.

New EtwInspector coming soon...

1 year ago

My goal by the end of the year was to finish JonMon 2.0 and I am happy to say that I have done that... Now just to clean up the code, fix the wiki, and write a blog. Stay tuned :)

1 year ago

JonMon with the AMSI logs 👀

1 year ago

Oh this is sick, I didn’t know this. Thanks for sharing!

1 year ago

Oh LETS GO

1 year ago
[GIF: two boys are jumping in the air with the words lets gooooo !!!]

1 year ago
Preview: Behind the Mask: Unpacking Impersonation Events

Microsoft's Threat-Intelligence ETW provider now supports events to identify token impersonation attacks. I wrote a blog on these events and how Microsoft is surfacing them:
jsecurity101.medium.com/behind-the-m...

1 year ago