%appdata% is a mistake – Introducing Invoke-DLLClone
Two days ago this tweet from vxunderground saw the light:
We’ve added a new paper to the vx-underground paper collection: An Empirical Assessment of EDR Systems against APT Attack Vectors (Revised, Part II) by @Sneakid2 and @kpatsak.
You can check it out here: https://t.co/goHypaFW49 pic.twitter.com/hTj445cdQK — vx-underground (@vxunderground) August 23, 2021
Being a redteamer, this obviously piqued my interest, as evading EDRs is kinda wha…