Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-11 01:41:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

small cleanup in header files

Browse Source
This commit is contained in:
Maxime Meignan
2023-10-06 16:12:52 +02:00
parent 7be844b518
commit 43cea1f08b
41 changed files with 91 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files
EDRSandblast/KernellandBypass/ETWThreatIntel.c
+1 -1
View File
@@ -8,10 +8,10 @@
#include <Windows.h>
#include <Tchar.h>
#include "../EDRSandBlast.h"
#include "ETWThreatIntel.h"
#include "KernelMemoryPrimitives.h"
#include "NtoskrnlOffsets.h"
#include "PrintFunctions.h"
DWORD64 GetEtwThreatInt_ProviderEnableInfoAddress(BOOL verbose) {
EDRSandblast/KernellandBypass/KernelCallbacks.c
+1 -1
View File
@@ -7,7 +7,6 @@
#include <Windows.h>
#include "../EDRSandblast.h"
#include "FileUtils.h"
#include "FileVersion.h"
#include "IsEDRChecks.h"
@@ -16,6 +15,7 @@
#include "NtoskrnlOffsets.h"
#include "PEParser.h"
#include "PdbSymbols.h"
#include "PrintFunctions.h"
#include "KernelCallbacks.h"
EDRSandblast/KernellandBypass/KernelDSE.c
-1
View File
@@ -1,6 +1,5 @@
#include "windows.h"
#include "KernelDSE.h"
#include "../EDRSandblast.h"
#include "winternl.h"
#include "stdio.h" // for printf
//#include "ntstatus.h"
EDRSandblast/KernellandBypass/KernelUtils.c
+1 -1
View File
@@ -2,7 +2,7 @@
#include <Psapi.h>
#include <Tchar.h>
#include "../EDRSandblast.h"
#include "PrintFunctions.h"
DWORD64 g_NtoskrnlBaseAddress;
DWORD64 FindNtoskrnlBaseAddress(void) {
EDRSandblast/KernellandBypass/ObjectCallbacks.c
+1 -1
View File
@@ -1,7 +1,6 @@
#include <Tchar.h>
#include <Windows.h>
#include "../EDRSandblast.h"
#include "IsEDRChecks.h"
#include "PdbSymbols.h"
#include "NtoskrnlOffsets.h"
@@ -9,6 +8,7 @@
#include "KernelUtils.h"
#include "FileVersion.h"
#include "KernelCallbacks.h"
#include "PrintFunctions.h"
#include "ObjectCallbacks.h"