FunctionStomping
This is a brand-new technique for shellcode injection to evade AVs and EDRs. This technique is inspired by Module Stomping and has some similarities. The big advantage of this technique is that it isn't overwriting an entire module or PE, just one function, and the target process can still use any other function from the target module.
https://github.com/Idov31/FunctionStomping
#edr #evasion #stomping #maldev #cpp