Added signatures, structs and functions for CreateProcess using PInvoke in order to obtain the PROCESS_INFORMATION structure.
This will allow us to better manage process creations and leverage features such as PPID Spoofing or Blockdlls.
New tasks in Covenant will follow to take advantage of these new functions.
Added signatures, structs and functions for CreateProcess using PInvoke in order to obtain the PROCESS_INFORMATION structure. This will allow us to better manage process creations and leverage features such as PPID Spoofing or Blockdlls.
New tasks in Covenant will follow to take advantage of these new functions.
Part of the code has been kindly stolen and adapted from TikiTorch (https://github.com/rasta-mouse/TikiTorch/blob/064c60c5e23188867a0f9c5a0626dd39718750d4/TikiLoader/Generic.cs).