Open ghost opened 2 years ago
Hi @Revozop, yes, I'm afraid donut also need to be customised.
"Assembly" is a wrapper to load the binary using .NET Assembly.Load(byte[])
method. You can use it, but it will work only if you're packing a .NET binary.
The New sandbox of windows defender is detecting, this is not only for inceptor but for almost, u can check it
i viewed 3 modes for run dotnet assembly classic service
how to use assembly load or service? have any tutorial about i can use it?
edit: Windows defender updated and detecting donut stubs, i need use new codes in csharp to stay away from detections, if i try use old stubs (like old rat's and more) the AV detect fast in runtime execution