·
4 commits
to main
since this release
Added some new important features for anti-injection.
-
Added the option to change the PE info of a module in runtime, including AddressOfEntryPoint, SizeOfImage, NumberOfSections, Image Magic, etc. which would prevent runtime info lookups, dumping, and modifications.
-
Added a way to change the image magic of the CLR to prevent info lookups which can make other external processes see the assemblies that exist in the process by using the debugger export table, but now external processes think that it doesn't exist, which makes us hide our assemblies.
-
some code improvements.