forked from reveng007/ReflectiveNtdll
A Dropper POC focusing EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via Fiber
License
ASkyeye/ReflectiveNtdll
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
About
A Dropper POC focusing EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (using pe2shc by @hasherezade). Payload encryption via SystemFucntion033 NtApi and No new thread via Fiber
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published
Languages
- C 99.9%
- Other 0.1%