Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-08 16:37:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

add new Tehtris driver

Browse Source 
new name for the Tehtris driver
This commit is contained in:
Alice
2022-06-15 11:36:31 +02:00
committed by GitHub
parent 487047f9db
commit 0109de4937
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
EDRSandblast/EDRBypass/KernelCallbacks.c
+2 -1
View File
@@ -484,6 +484,7 @@ TCHAR const* EDR_DRIVERS[] = {
_T("SE46Filter.sys"), _T("SE46Filter.sys"),
// TEHTRI-Security // TEHTRI-Security
_T("egambit.sys"), _T("egambit.sys"),
_T("egfilterk.sys"),
// Tencent // Tencent
_T("TesMon.sys"), _T("TesMon.sys"),
_T("QQSysMonX64.sys"), _T("QQSysMonX64.sys"),
@@ -1852,4 +1853,4 @@ void RemoveAllEDRKernelCallbacks(struct FOUND_EDR_CALLBACKS* edrDrivers, BOOL ve
RemoveEDR_X_Callbacks(CREATE_PROCESS_ROUTINE, edrDrivers, verbose); RemoveEDR_X_Callbacks(CREATE_PROCESS_ROUTINE, edrDrivers, verbose);
RemoveEDR_X_Callbacks(CREATE_THREAD_ROUTINE, edrDrivers, verbose); RemoveEDR_X_Callbacks(CREATE_THREAD_ROUTINE, edrDrivers, verbose);
RemoveEDR_X_Callbacks(LOAD_IMAGE_ROUTINE, edrDrivers, verbose); RemoveEDR_X_Callbacks(LOAD_IMAGE_ROUTINE, edrDrivers, verbose);
} }