Nice! I was thinking about C++ constexpr function converting from module name and function name to a hash. Then searching the module list and export list hashing each element and comparing it to pre-computed hashes. This way you hide the strings from anti virus and from offline analyzers. But no, Pavel ecrypted the whole thing. Nice. Possible red flag would be running code that is not mapped to any file (that modified pages after decryption).
Recently took the Rust class. You're genuinely a wizard. Absolutely brilliant work again.
Great content. Plenty to refer to in the future. Thanks!
Nice! I was thinking about C++ constexpr function converting from module name and function name to a hash. Then searching the module list and export list hashing each element and comparing it to pre-computed hashes. This way you hide the strings from anti virus and from offline analyzers. But no, Pavel ecrypted the whole thing. Nice. Possible red flag would be running code that is not mapped to any file (that modified pages after decryption).
Hello, how are you? I want to ask you how to load dll from byte array
This is called Reflective loading. Look it up.