CPunch/Laika
1
0
Fork 0
mirror of https://github.com/CPunch/Laika.git synced 2024-11-22 04:50:06 +00:00
Code Issues Projects Releases Wiki Activity

Updated Obfuscation methods (markdown)

CPunch 2022-09-03 00:51:43 -05:00
parent a63fbab591
commit a2f52540ca
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Obfuscation-methods.md

@ -6,4 +6,4 @@ Laika has a tiny VM embedded in the library (`/lib/` && `/lib/core/`). This most
## Importing WinAPI during runtime (windows only)
This method is extremely common and most AVs have smartened up to it. Basically instead of having WinAPI in our IAT (Import Address Table) of the executable, we load the commonly flagged functions (things like CreatePseudoConsole, ShellExecuteA, etc.) during runtime. For detail on adding another API to be loaded during runtime, please refer to the [contributing guide](https://github.com/CPunch/Laika/blob/main/CONTRIBUTING.md#bot-windows-api-imports-obfuscation).
This method is extremely common and most AVs have smartened up to it. Basically instead of having WinAPI in our IAT (Import Address Table) of the executable, we load the commonly flagged functions (things like CreatePseudoConsole, ShellExecuteA, etc.) during runtime. For details on adding another API to be loaded during runtime, please refer to the [contributing guide](https://github.com/CPunch/Laika/blob/main/CONTRIBUTING.md#bot-windows-api-imports-obfuscation).