Process-injection detection benchmark for Windows x64. Two techniques (section/classic) plus a 6-tier HollowCorpus ladder. Sysmon HIT/MISS per event ID.
windows cli golang bug-bounty etw sysmon malware-research nuclide visor red-team process-injection detection-engineering edr-detection detection-benchmark nicholas-kloster
Updated Jun 8, 2026 - Go