DEF CON 31 - StackMoonwalk - Alessandro Magnosi, Arash Parsa, Athanasios Tserpelis
Description:
Explore advanced memory evasion techniques in this DEF CON 31 conference talk focusing on Thread Stack Spoofing and novel approaches to call stack manipulation. Dive into two groundbreaking techniques, "Full Moon" and "Half Moon," which create sophisticated methods for tampering with call stacks while maintaining logical validity and evading detection. Learn about the innovative Eclipse detection algorithm, specifically designed to identify these tampering techniques through enhanced RtlVirtualUnwind functionality and strict instruction checking. Understand the performance, limitations, and potential combinations of these techniques to create more robust call stack tampering methods. Gain valuable insights into the evolving landscape of cyber defense and memory evasion, essential knowledge for security professionals and researchers working to combat sophisticated threats in process memory manipulation.

StackMoonwalk: Advanced Memory Evasion Techniques Through Call Stack Tampering

DEFCONConference