AtomBombing CFG-Protected Processes

Injection Techniques, AtomBombing, CFG, code injection, Control Flow Guard, Windows, enSilo Breaking Malware, enSilo Corporate and Product

TL;DR: We show modifications to AtomBombing that enable us to inject code into CFG-protected processes.


Documenting the Undocumented: Adding CFG Exceptions

documentation, CFG, Control Flow Guard, NtSetInformationVirtualMemory, Windows, enSilo Breaking Malware, enSilo Corporate and Product

TL;DR: Microsoft’s Control Flow Guard (CFG) is a security feature that prevents the abuse of indirect calls
