Update README.md

This commit is contained in:
Cn33liz
2019-06-19 12:36:00 +02:00
parent 908f961d62
commit 950e29a41c
+3 -3
@@ -4,6 +4,9 @@ Recent malware research shows that there is an increase in malware that is using
These tools demonstrates the use of direct System Calls and API unhooking and combine these techniques in a proof of concept code which can be used to create a LSASS memory dump using Cobalt Strike,
while not touching disk and evading AV/EDR monitored user-mode API calls.
More info about the used techniques can be found on the following Blog:
https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/
Two version of the code are included:
An executable version and a DLL version of the code.
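Review bot: grammar in the description paragraph of this hunk: "These tools demonstrates the use of direct System Calls" should read "These tools demonstrate the use of direct System Calls", and "Two version of the code are included" should be "Two versions of the code are included". The "More info about the used techniques" sentence and blog URL placed here also still appear near the end of the README (see the second hunk), so make sure only one copy of that reference remains after the change.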
@@ -24,7 +27,4 @@ This project is written in C and assembly.
You can use Visual Studio to compile it from source.
```
More info about the used techniques can be found on the following Blog:
https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/
The sRDI code can be found here: https://github.com/monoxgas/sRDI
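Review bot: the "More info about the used techniques" line and the blog URL at the end of this hunk are the same text inserted near the top of the README in the first hunk; given the +3 -3 line count this hunk appears to be removing them, which is fine, but the final line "The sRDI code can be found here: https://github.com/monoxgas/sRDI" attributes the borrowed reflective-loader code and should be kept if those three lines are dropped. Also note the closing ``` fence on the line before "More info": confirm the build instructions above it remain inside a properly opened code block after the edit.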