Here it goes. A detailed blog on proxying your DLL loads and hiding the original callstack from userland hooks/ETW with a new set of undocumented API and some hacky tricks. Code is on my Github repository. This one was a brain buster 🔥
0xdarkvortex.dev/proxying-dll-l
Conversation
Maybe you should read some msdn docs instead of arrogantly shouting what you dont understand
1
1
Show replies

