Idov31 / FunctionStomping

Shellcode injection technique. Given as C++ header, standalone Rust program or library.
https://idov31.github.io/2022/01/28/function-stomping.html
GNU General Public License v3.0

[POSSIBLE FALSE ISSUE] -- GETTING DETECTED BY DEFENDER #3

Closed 0260818805 closed 2 years ago

0260818805 commented 2 years ago

Functionstomping.exe is getting flagged by Defender.

Idov31 commented 2 years ago

As far as I checked (and not only me: https://twitter.com/0xThiebaut/status/1486083205274951680), the detection signature is of the shellcode I generated, which is completely fine (you just need to replace the shellcode with your own undetected shellcode or encrypt it). If it is a different signature than msf's signature, add a picture here and I will address it.

Idov31 commented 2 years ago

I'm closing this issue because you didn't give enough details... If you have them, please reopen this issue or open another one with pictures, etc. :)