25 Dec
NimHollow – Nim Implementation Of Process Hollowing Using Syscalls (PoC)
Playing around with the Process Hollowing technique using Nim.

Features:
- Direct syscalls for triggering Windows Native API functions with NimlineWhispers.
- Shellcode encryption/decryption with AES in CTR mode.
- Simple sandbox detection methods from the OSEP …