myzxcg / RealBlindingEDR

Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThreadNotifyRoutine Callback、PsSetLoadImageNotifyRoutine Callback...
MIT License
928 stars 171 forks

Releases #2

Closed sec13b closed 11 months ago

sec13b commented 11 months ago

Can you upload them ready to use for Win10 and above, like how you have in your video?

I tried with SentinelOne.

```
Build started...
1>------ Build started: Project: RealBlindingEDR, Configuration: Debug x64 ------
1>RealBlindingEDR.cpp
1>C:\Users\asus\Desktop\Kniget\EDR\RealBlindingEDR-1.1\RealBlindingEDR-1.1\RealBlindingEDR\RealBlindingEDR\RealBlindingEDR.cpp(210,7): warning C4996: 'stricmp': The POSIX name for this item is deprecated. Instead, use the ISO C and C++ conformant name: _stricmp. See online help for details.
1>C:\Users\asus\Desktop\Kniget\EDR\RealBlindingEDR-1.1\RealBlindingEDR-1.1\RealBlindingEDR\RealBlindingEDR\RealBlindingEDR.cpp(700,2): warning C4996: 'wcstombs': This function or variable may be unsafe. Consider using wcstombs_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
1>C:\Users\asus\Desktop\Kniget\EDR\RealBlindingEDR-1.1\RealBlindingEDR-1.1\RealBlindingEDR\RealBlindingEDR\RealBlindingEDR.cpp(874,13): warning C4018: '<': signed/unsigned mismatch
1>C:\Users\asus\Desktop\Kniget\EDR\RealBlindingEDR-1.1\RealBlindingEDR-1.1\RealBlindingEDR\RealBlindingEDR\RealBlindingEDR.cpp(951,13): warning C4018: '<': signed/unsigned mismatch
1>RealBlindingEDR.vcxproj -> C:\Users\asus\Desktop\Kniget\EDR\RealBlindingEDR-1.1\RealBlindingEDR-1.1\RealBlindingEDR\x64\Debug\RealBlindingEDR.exe
1>Done building project "RealBlindingEDR.vcxproj".
========== Build: 1 succeeded, 0 failed, 0 up-to-date, 0 skipped ==========
========== Build started at 7:14 PM and took 04.234 seconds ==========
```

myzxcg commented 11 months ago

I'm very sorry, but because everyone wants to fight against different EDRs, you need to customize the AVDriver array according to the different EDR driver names. For specific methods, please refer to the usage in the readme file.