crash.software
Projects
Pull Requests
Issues
Builds
sleepmask_PatchlessHook
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY sleepmask_PatchlessHook Commits 32a6b326
🤬
  • ■ ■ ■ ■ ■
    README.md
    1  -# sleepmask_ekko_cfg
     1 +# sleepmask_PatchlessHook
    2 2  Code snippets to add on top of cobalt strike sleepmask kit so that patchless hook on AMSI and ETW can be achieved.
    3 3   
    4 4  _Only for experimental purpose._
    skipped 18 lines
    23 23   
    24 24  ## Caveat
    25 25  1. It cannot cater if your action will create new thread during the execution period of time, which means newly spawned threads at that specific period will not have patchless hook. Theoretically, the newly spawned thread(s) will have patchless hook after one sleep cycle.
    26  -2. If you want to address above caveat, you
     26 +2. If you want to address above caveat, you may hook NtCreateThreadEx to do so.
     27 +3. At the moment, it only caters x64.
    27 28   
    28 29  ## Credits
    29 30  All credits to [@rad9800](https://github.com/rad9800)
    skipped 1 lines
Please wait...
Page is in error, reload to recover