anti-forensics Sysmon Image File Name Evasion Abusing a bug in Sysmon's driver to fake source processes' image file names.