Mirrors/wavestone-cdt-edrsandblast
1
0
Fork 0
mirror of https://github.com/wavestone-cdt/EDRSandblast.git synced 2026-06-10 09:27:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated README with ObRegisterCallbacks and offsets retrieval info

Browse Source
This commit is contained in:
Maxime Meignan
2022-08-19 22:17:23 +02:00
parent 48a75a7029
commit 49fbc5d924
8 changed files with 316 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files
EDRSandblast/Utils/IsEDRChecks.c
+2
View File
@@ -6,6 +6,7 @@
*/
// List of keywords matching EDR companies as employed for binary digitial signatures.
// TODO : enrich this list
TCHAR const* EDR_SIGNATURE_KEYWORDS[] = {
_T("CarbonBlack"),
_T("CrowdStrike"),
@@ -15,6 +16,7 @@ TCHAR const* EDR_SIGNATURE_KEYWORDS[] = {
_T("Kaspersky"),
_T("McAfee"),
_T("SentinelOne"),
_T("Sentinel Labs"),
_T("Symantec")
};