Thursday, August 11, 2022

ParallelNimcalls: Nim version of MDSec’s Parallel Syscall PoC

ParallelNimcalls

This repo contains a Nim variant of MDSec’s recent Parallel Syscalls research.

You can use this code to load a clean version of ntdll.dll from the filesystem.

Compilation

You can directly compile the source code with the following command:

nim c -d:release --opt:size --passC:"-masm=intel" Main.nim

If you get the error “cannot open file: winim/lean”, you also need to install the winim dependency:

nimble install winim

Reference…
