Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
-
Updated
Aug 31, 2022 - C++
Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
Reimplementation of Microsoft's Warbird obuscator
Integration of Microsoft Warbird with the MSVC compiler
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
Documentation of Microsoft's Warbird obfuscation
Add a description, image, and links to the microsoft-warbird topic page so that developers can more easily learn about it.
To associate your repository with the microsoft-warbird topic, visit your repo's landing page and select "manage topics."