October 13, 2023 at 12:25PM

Cordyceps: C++ self-injecting dropper based on various EDR evasion techniques.

This project consists of a simple C++ self-injecting dropper focused on EDR evasion. To implement it, I have combined Windows Thread Pooling, to hide the call stack, with indirect syscalls, to avoid hooking in NTDLL.