National Cyber Warfare Foundation (NCWF)

SindriKit 1.3.0 Abuses Call Stack Spoofing to Bypass EDR Detection


0 user ratings
2026-07-07 13:01:08
milo
Red Team (CNA)

SindriKit 1.3.0 introduces a significant advancement in evading Endpoint Detection and Response (EDR) systems by exploiting dynamic call stack spoofing. This method defeats telemetry that inspects kernel-transition call chains, going beyond just user-mode hooks. Previously, SindriKit 1.2.0 had already separated syscall invocations via indirect syscalls, redirecting to legitimate syscall return instructions in ntdll.dll to evade […]


The post SindriKit 1.3.0 Abuses Call Stack Spoofing to Bypass EDR Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Divya

Source: gbHackers
Source Link: https://gbhackers.com/sindrikit-1-3-0-abuses-call-stack-spoofing/


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Red Team (CNA)



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.