reveng007/DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + API resolving from TIB + API hashing
C · MIT
Stargazers
- 0range-xTencent
- Ajatars
- aleenzz
- Alien3407
- BlackNurse
- boku7IBM X-Force Red Adversary Simulation
- bopin2020Fairyland
- bravery9
- bu-shuoChina
- chengjianshia
- ChoiSG
- chr0n1kMacroSec Ltd
- clod81Tier Zero Security
- cocoonkidin transit
- Darktortue
- ezhangle
- FZKiritsugu
- Ghostaskynull
- GitPlaya
- hoaazz
- HyWell
- Libraggbond
- Mamor5409localhost
- poprbp
- PurpleWaveIOPurpleWaveIO
- puzzithinker
- Ridter
- SaadAhlaMorocco
- ScriptIdiotHong Kong
- shogunlabShogun Lab
- Spambustas
- timwhitez@bytedance
- xrkkBLCU
- yeshuibo
- z1mu
- zerdnem