Closed thejanit0r closed 1 month ago
Added a detection to detect the usage of user-mode APCs for hiding beacons from memory scanners (sleeping beacons).
Additional information about APCs and their implementation in a sleeping beacon:
Contributed under the BSD 0-Clause License (0BSD)
Added a detection to detect the usage of user-mode APCs for hiding beacons from memory scanners (sleeping beacons).
Additional information about APCs and their implementation in a sleeping beacon:
Contributed under the BSD 0-Clause License (0BSD)