|
|
|
|
|
|
by __alexander
210 days ago
|
|
|
No disrespect but Windhawk’s process injection loader code was cut and paste from malware source code. I can’t imagine how many AV/EDR alerts that project has generated from using ROR API hashing and PEB symbol traversing. |
|
|