Outer Web | Explore

Explore >> Select a destination

You are here		theevilbit.github.io A simple protection against HMValidateHandle technique · theevilbit blog
\|	\|	modexp.wordpress.com Invoking System Calls and Windows Debugger Engine \| modexp	12.4 parsecs away Travel
\|	\|	Introduction Quick post about Windows System calls that I forgot about working on after the release of Dumpert by Cn33liz last year, which is described in this post. Typically, EDR and AV set hooks on Win32 API or NT wrapper functions to detect and mitigate against malicious activity. Dumpert attempts to bypass any user-level hooks...	12.4 parsecs away Travel
\|	\|	keyj.emphy.de KeyJ's Blog : Blog Archive » Writing ultra-small Windows executables	15.8 parsecs away Travel
\|	\|		15.8 parsecs away Travel
\|	\|	malwaretech.com An Introduction to Bypassing User Mode EDR Hooks	13.9 parsecs away Travel
\|	\|	Understanding the basics of user mode EDR hooking, common bypass techniques, and their limitations.	13.9 parsecs away Travel
\|	\|	zignar.net No-Config Python debugging using Neovim	100.1 parsecs away Travel
\|		Personal weblog about programming, linux, life, the universe and everything	100.1 parsecs away Travel