首页
论坛
课程
招聘
[转帖]ExecuteAssembly - Load/Inject .NET Assemblies
2021-2-7 14:25 6319

[转帖]ExecuteAssembly - Load/Inject .NET Assemblies

2021-2-7 14:25
6319

ExecuteAssembly - Load/Inject .NET Assemblies

ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs via superfasthash hashing algorithm.

https://www.kitploit.com/2021/02/executeassembly-loadinject-net.html



[公告] 欢迎大家踊跃尝试高研班11月试题,挑战自己的极限!

收藏
点赞1
打赏
分享
最新回复 (0)
游客
登录 | 注册 方可回帖
返回