[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-682":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":15,"stars7d":15,"stars30d":15,"stars90d":15,"forks30d":15,"starsTrendScore":15,"compositeScore":16,"rankGlobal":9,"rankLanguage":9,"license":17,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":18,"hasPages":18,"topics":20,"createdAt":9,"pushedAt":9,"updatedAt":21,"readmeContent":22,"aiSummary":23,"trendingCount":15,"starSnapshotCount":15,"syncStatus":24,"lastSyncTime":25,"discoverSource":26},682,"RedSun","Nightmare-Eclipse\u002FRedSun","Nightmare-Eclipse","The Red Sun vulnerability repository",null,"C++",1886,408,20,10,0,20.84,"MIT License",false,"main",[],"2026-06-12 02:00:17","# RedSun\nThe Red Sun vulnerability repository\n\nNow, normally I would just drop the PoC code and let people figure it out. But I can't for this one, it's way too funny.\nWhen Windows Defender realizes that a malicious file has a cloud tag, for whatever stupid and hilarious reason, the antivirus that's supposed to protect decides that it is a good idea to just rewrite the file it found again to it's original location. The PoC abuses this behaviour to overwrite system files and gain administrative privileges.\n\nI think antimalware products are supposed to remove malicious files not be sure they are there but that's just me.\n\n![BottomText](redsun.jpg)\n","RedSun 是一个漏洞仓库，专注于揭示并利用Windows Defender在特定条件下重写恶意文件的行为。其核心功能是通过PoC（概念验证）代码展示如何滥用此行为来覆盖系统文件并获取管理员权限，采用C++语言编写。该项目特别适用于安全研究人员和渗透测试者了解操作系统安全机制的潜在弱点，并用于教育目的以提高对安全软件设计重要性的认识。",2,"2026-05-06 17:27:04","CREATED_QUERY"]