lolzz1234
lolzz1234
Seems like bam does log the execution of console applications in windows 11, even when it is run through a commandline like cmd.exe
I tested this with other dlls, I added an ico resource and changed the extension to .ico. It didnt run anything when loaded by explorer...
I was wondering if this may be possible purely using dll injection.
Restarting eventlog is detectable. Is there any way around this?