LayeredSyscall – Abusing Vectored Exception Handling to Bypass EDRs

LayeredSyscall: generating a legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass user-land EDR hooks in Windows. The general idea is to generate a legitimate call stack before...