A demo that loads and runs code using a detached NTDLL (in order to evade userland hooks that monitor activity).
WARNING: Experimental version.
- uses library: https://github.com/hasherezade/libpeconv.git
A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.