LTears/WINAPI

WINAPI

Just some interesting stuff in C++:

• LSASS_Access
  • RtlReportSilentProcessExit
  • Ntdll unhook and MiniDumpWriteDump
• NTFS_ExtendedAttributes - getting file's NTFS extended attributes
• Registry
  • Invisible registry key
  • Fileless binary storage
  • https://github.com/ewhitehats/InvisiblePersistence/blob/master/InvisibleRegValues_Whitepaper.pdf