SEKTOR7 Institute · Oct 2, 2025 · 11:37 AM UTC

SEKTOR7 Institute · Oct 2, 2025 · 11:37 AM UTC

SEKTOR7 Institute

@SEKTOR7net

Oct 2

Block EDR dynamic libraries from loading. By using debugging API, exception handling and simple hooks, one can spawn a clean process (PoC blocks amsi.dll). A nice post by @dis0rder_0x00 Source: github.com/dis0rder0x00/obex #redteam #maldev #malwaredevelopment

Oct 2, 2025 · 11:37 AM UTC

281

REDOPSHIVE · Oct 2, 2025 · 1:27 PM UTC

REDOPSHIVE @designmediax

Oct 2

Replying to @SEKTOR7net @dis0rder_0x00

Nice work. Love your research works

Pavol Červeň · Oct 2, 2025 · 2:11 PM UTC

Pavol Červeň @CervenPavol

Oct 2

Replying to @SEKTOR7net @dis0rder_0x00

But I think some EDRs changing name of Dll.

Jawad Al Hashmi · Oct 3, 2025 · 6:26 AM UTC

Jawad Al Hashmi @kindnessuae

Oct 3

Replying to @SEKTOR7net @dis0rder_0x00

Impressive technique, yet undermining AMSI can only weaken overall security. Solid defenses and responsible innovation will always be essential for genuine progress.