This repo contains the Nim variant of the recent MDSec's research which is Parallel Syscalls.
You can use this code to load a clean version of ntdll.dll from the filesystem.
You can directly compile the source code with the following command:
nim c -d:release --opt:size --passC:"-masm=intel" Main.nim
In case you get the error "cannot open file: winim/lean", you should also install winim dependency:
nimble install winim