-
-
[转帖]ExecuteAssembly - Load/Inject .NET Assemblies
-
发表于: 2021-2-7 14:25
-
ExecuteAssembly - Load/Inject .NET Assemblies
ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs via superfasthash hashing algorithm.
https://www.kitploit.com/2021/02/executeassembly-loadinject-net.html
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
|
|
|---|---|
