mandiant / capa-rules

Standard collection of rules for capa: the tool for enumerating the capabilities of programs
https://github.com/mandiant/capa/
Apache License 2.0

Ghostly Hollowing process injection rule #865

Closed sara-rn closed 7 months ago

sara-rn commented 8 months ago

Ghostly Hollowing injection technique described here: https://github.com/hasherezade/transacted_hollowing/tree/main#ghostly-hollowing