| ▲ | __alexander 2 hours ago | |
No disrespect but Windhawk’s process injection loader code was cut and paste from malware source code. I can’t imagine how many AV/EDR alerts that project has generated from using ROR API hashing and PEB symbol traversing. | ||
| ▲ | __alexander 2 hours ago | |
No disrespect but Windhawk’s process injection loader code was cut and paste from malware source code. I can’t imagine how many AV/EDR alerts that project has generated from using ROR API hashing and PEB symbol traversing. | ||