SaadAhla/NTDLLReflection
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll , and trigger exported APIs from the export table
C++MIT
Stargazers
- 0range-xTencent
- 0xSh3RlocK
- a7t0fwa7
- b4nbirdNanjing,china
- beerandgin
- benheisehttps://rallysecurity.com
- chr0n1kMacroSec Ltd
- cyberbutler
- Cyberdyne-Security
- DamonMohammadbagher
- DarleneCNetflix
- Dr3adZz
- EnumSecSec-1
- expl0itabl3Northwave
- GerhardBotha97SecurityHQ
- iccugs
- joshualoudenIndianapolis, IN
- jrpanda
- klezVirusBSI CSIR
- luxcupitor
- m3rcerAltered Security
- majid-derkaoui
- marciopocebon
- netvipedynexo GmbH
- ongyuann
- PaulzePirate
- po0p
- rmusser01Someplace
- royweisfeld
- SegmaSec
- sertralino
- shrek3n
- superuser5m00n
- Thauza
- TheBytemaster
- u0m3Bucharest, Romania