all InfoSec news
SilentMoonwalk - PoC Implementation Of A Fully Dynamic Call Stack Spoofer
KitPloit - PenTest Tools! www.kitploit.com
PoC Implementation of a fully dynamic call stack spoofer
TL;DR
SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow.
Authors
This PoC is the result of a joint research done on the topic of stack spoofing. The authors of the research are:
I want to stress that this work would have been impossible without …
authors av evasion call control dynamic edr evasion flow irc poc remove research result rop spoofer spoofing stress windows windows 10 work