2026-03-07 About NTFS and MFT Parsing Windows-Internal, Malware-Development Introduction: The topic of Windows NT File System (NTFS) is not new in the DFIR world, the ability to directly parsing o
2025-12-04 Where does my APC function go? Windows-Internal, Malware-Development Windows Introduction: Early-bird injection used to be every malware author's favorite technique to bypass Windows Defender ( a lon