Skip to content

Latest commit

 

History

History
6 lines (4 loc) · 443 Bytes

README.md

File metadata and controls

6 lines (4 loc) · 443 Bytes

NTDLLReflection

Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll , and trigger exported APIs from the export table

image

image