FilelessNTDllReflection

GitHub - D1rkMtr/FilelessNtdllReflection: Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported API from the export tableGitHub