#1
Zer0 Day Lab

EDRSandBlast

— User-mode (API hooking) evasion;
— Kernel-mode (callbacks and ETW ThreatIntel events) evasion;
— Successively tested on market-leading EDR products.

https://github.com/wavestone-cdt/EDRSand...n30Release

#maldev #edr #lsass #evasion #redteam


https://t.me/zer0daylab/3453