├── .NET Reflection for post exploitation
    ├── Bypass
    │   ├── DefinetlyNotAnAmsiPatch.csproj
    │   ├── DefinetlyNotAnAmsiPatch.sln
    │   ├── Program.cs
    │   └── Properties
    │   │   └── AssemblyInfo.cs
    ├── Injectme
    │   ├── InjectMe.csproj
    │   ├── InjectMe.sln
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   └── bin
    │   │   ├── Debug
    │   │       ├── InjectMe.exe
    │   │       └── InjectMe.pdb
    │   │   └── Release
    │   │       ├── InjectMe.exe
    │   │       └── InjectMe.pdb
    ├── README.md
    ├── loader1
    │   ├── Loader1.csproj
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   ├── ReflectionTalk.sln
    │   └── app.config
    ├── loader2
    │   ├── Loader2.csproj
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   └── app.config
    ├── loader3
    │   ├── Loader3.csproj
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   └── app.config
    ├── loader4
    │   ├── Loader4.csproj
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   └── app.config
    ├── loader5
    │   ├── Loader5.csproj
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   └── app.config
    ├── loader6
    │   ├── App.config
    │   ├── Loader-SeperateAppDomain.csproj
    │   ├── Loader-SeperateAppDomain.sln
    │   ├── Program.cs
    │   └── Properties
    │   │   └── AssemblyInfo.cs
    └── reflection for post exploitation tradecraft in an EDR world.pdf
├── DInvoke to defeat EDRs
    ├── DemoDInvokeLoader
    │   ├── .gitattributes
    │   ├── .gitignore
    │   ├── App.config
    │   ├── DInvoke
    │   │   ├── DynamicInvoke
    │   │   │   ├── Generic.cs
    │   │   │   ├── Native.cs
    │   │   │   └── Win32.cs
    │   │   ├── Injection
    │   │   │   ├── Allocation.cs
    │   │   │   ├── Execution.cs
    │   │   │   ├── Injector.cs
    │   │   │   └── Payload.cs
    │   │   ├── ManualMap
    │   │   │   ├── Map.cs
    │   │   │   └── Overload.cs
    │   │   ├── Properties
    │   │   │   └── AssemblyInfo.cs
    │   │   ├── SharedData
    │   │   │   ├── Native.cs
    │   │   │   ├── PE.cs
    │   │   │   └── Win32.cs
    │   │   └── SharedUtilities
    │   │   │   └── Utilities.cs
    │   ├── EDRGoesBrrr.csproj
    │   ├── EDRGoesBrrr.sln
    │   ├── FodyWeavers.xml
    │   ├── FodyWeavers.xsd
    │   ├── Program.cs
    │   ├── StructsAndDelegates.cs
    │   └── packages.config
    ├── DemoEDR
    │   ├── .gitattributes
    │   ├── .gitignore
    │   ├── README.md
    │   ├── SylantStrike.sln
    │   ├── SylantStrike
    │   │   ├── SylantStrike.cpp
    │   │   ├── SylantStrike.h
    │   │   ├── SylantStrike.vcxproj
    │   │   ├── SylantStrike.vcxproj.filters
    │   │   ├── cpp.hint
    │   │   ├── dllmain.cpp
    │   │   ├── framework.h
    │   │   ├── minhook
    │   │   │   ├── include
    │   │   │   │   └── MinHook.h
    │   │   │   └── src
    │   │   │   │   ├── buffer.c
    │   │   │   │   ├── buffer.h
    │   │   │   │   ├── hde
    │   │   │   │       ├── hde32.c
    │   │   │   │       ├── hde32.h
    │   │   │   │       ├── hde64.c
    │   │   │   │       ├── hde64.h
    │   │   │   │       ├── pstdint.h
    │   │   │   │       ├── table32.h
    │   │   │   │       └── table64.h
    │   │   │   │   ├── hook.c
    │   │   │   │   ├── trampoline.c
    │   │   │   │   └── trampoline.h
    │   │   ├── pch.cpp
    │   │   └── pch.h
    │   └── SylantStrikeInject
    │   │   ├── App.config
    │   │   ├── BasicInject.cs
    │   │   ├── Options.cs
    │   │   ├── Program.cs
    │   │   ├── Properties
    │   │       └── AssemblyInfo.cs
    │   │   └── SylantStrikeInject.csproj
    ├── DemoLoader
    │   ├── .gitattributes
    │   ├── .gitignore
    │   ├── App.config
    │   ├── DemoBasicLoader.csproj
    │   ├── DemoBasicLoader.sln
    │   ├── IMPORTS.cs
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   └── STRUCTS.cs
    ├── DemoMalwareProtect
    │   ├── .gitattributes
    │   ├── .gitignore
    │   ├── App.config
    │   ├── DemoMalwareProtect.csproj
    │   ├── IMPORTS.cs
    │   ├── Program.cs
    │   ├── Properties
    │   │   └── AssemblyInfo.cs
    │   └── STRUCTS.cs
    ├── NVISO - BrownBag - Defeating EDRs using DInvoke.pptx
    └── README.md
└── README.md


/.NET Reflection for post exploitation/Bypass/DefinetlyNotAnAmsiPatch.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Bypass/DefinetlyNotAnAmsiPatch.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Bypass/DefinetlyNotAnAmsiPatch.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Bypass/DefinetlyNotAnAmsiPatch.sln


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Bypass/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Bypass/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Bypass/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Bypass/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/InjectMe.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/InjectMe.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/InjectMe.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/InjectMe.sln


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/bin/Debug/InjectMe.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/bin/Debug/InjectMe.exe


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/bin/Debug/InjectMe.pdb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/bin/Debug/InjectMe.pdb


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/bin/Release/InjectMe.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/bin/Release/InjectMe.exe


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/Injectme/bin/Release/InjectMe.pdb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/Injectme/bin/Release/InjectMe.pdb


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/README.md


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader1/Loader1.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader1/Loader1.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader1/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader1/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader1/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader1/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader1/ReflectionTalk.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader1/ReflectionTalk.sln


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader1/app.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader1/app.config


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader2/Loader2.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader2/Loader2.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader2/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader2/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader2/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader2/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader2/app.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader2/app.config


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader3/Loader3.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader3/Loader3.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader3/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader3/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader3/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader3/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader3/app.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader3/app.config


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader4/Loader4.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader4/Loader4.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader4/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader4/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader4/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader4/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader4/app.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader4/app.config


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader5/Loader5.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader5/Loader5.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader5/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader5/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader5/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader5/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader5/app.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader5/app.config


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader6/App.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader6/App.config


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader6/Loader-SeperateAppDomain.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader6/Loader-SeperateAppDomain.csproj


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader6/Loader-SeperateAppDomain.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader6/Loader-SeperateAppDomain.sln


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader6/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader6/Program.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/loader6/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/loader6/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/.NET Reflection for post exploitation/reflection for post exploitation tradecraft in an EDR world.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/.NET Reflection for post exploitation/reflection for post exploitation tradecraft in an EDR world.pdf


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/.gitattributes:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/.gitattributes


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/.gitignore


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/App.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/App.config


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/DynamicInvoke/Generic.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/DynamicInvoke/Generic.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/DynamicInvoke/Native.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/DynamicInvoke/Native.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/DynamicInvoke/Win32.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/DynamicInvoke/Win32.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Allocation.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Allocation.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Execution.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Execution.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Injector.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Injector.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Payload.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Injection/Payload.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/ManualMap/Map.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/ManualMap/Map.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/ManualMap/Overload.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/ManualMap/Overload.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedData/Native.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedData/Native.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedData/PE.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedData/PE.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedData/Win32.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedData/Win32.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedUtilities/Utilities.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/DInvoke/SharedUtilities/Utilities.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/EDRGoesBrrr.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/EDRGoesBrrr.csproj


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/EDRGoesBrrr.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/EDRGoesBrrr.sln


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/FodyWeavers.xml:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/FodyWeavers.xml


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/FodyWeavers.xsd:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/FodyWeavers.xsd


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/Program.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/StructsAndDelegates.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/StructsAndDelegates.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoDInvokeLoader/packages.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoDInvokeLoader/packages.config


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/.gitattributes:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/.gitattributes


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/.gitignore


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/README.md


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike.sln


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.cpp


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.vcxproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.vcxproj


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.vcxproj.filters:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/SylantStrike.vcxproj.filters


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/cpp.hint:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/cpp.hint


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/dllmain.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/dllmain.cpp


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/framework.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/framework.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/include/MinHook.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/include/MinHook.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/buffer.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/buffer.c


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/buffer.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/buffer.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde32.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde32.c


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde32.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde32.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde64.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde64.c


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde64.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/hde64.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/pstdint.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/pstdint.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/table32.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/table32.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/table64.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hde/table64.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hook.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/hook.c


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/trampoline.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/trampoline.c


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/trampoline.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/minhook/src/trampoline.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/pch.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/pch.cpp


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrike/pch.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrike/pch.h


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/App.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/App.config


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/BasicInject.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/BasicInject.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/Options.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/Options.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/Program.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/SylantStrikeInject.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoEDR/SylantStrikeInject/SylantStrikeInject.csproj


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/.gitattributes:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/.gitattributes


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/.gitignore


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/App.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/App.config


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/DemoBasicLoader.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/DemoBasicLoader.csproj


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/DemoBasicLoader.sln:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/DemoBasicLoader.sln


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/IMPORTS.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/IMPORTS.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/Program.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoLoader/STRUCTS.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoLoader/STRUCTS.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/.gitattributes:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/.gitattributes


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/.gitignore


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/App.config:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/App.config


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/DemoMalwareProtect.csproj:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/DemoMalwareProtect.csproj


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/IMPORTS.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/IMPORTS.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/Program.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/Program.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/Properties/AssemblyInfo.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/DemoMalwareProtect/STRUCTS.cs:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/DemoMalwareProtect/STRUCTS.cs


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/NVISO - BrownBag - Defeating EDRs using DInvoke.pptx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/NVISO - BrownBag - Defeating EDRs using DInvoke.pptx


--------------------------------------------------------------------------------
/DInvoke to defeat EDRs/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/NVISOsecurity/brown-bags/HEAD/DInvoke to defeat EDRs/README.md


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # brown-bags


--------------------------------------------------------------------------------