A Windows 11 (24H2) rootkit written in Rust that implements kernel-mode ETW bypasses.
This project is not designed to be a complete rootkit; it only showcases the elements related to ETW evasion and bypasses. It complements my EDR, Sanctum, for which I am doing my own research to monitor and detect attempts to bypass the ETW mechanism in the kernel via a rootkit (or other methods of kernel-mode execution).