indirect-syscalls · GitHub Topics

VirtualAlllocEx / DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

antivirus-bypass antivirus-evasion edr-bypass edr-evasion malware-development windows-internals direct-syscalls indirect-syscalls malware-analysis malware-development-guide workshop shellcode-loader syscalls Shell

C 666

24 天前

VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

av-bypass av-evasion direct-syscalls edr-bypass edr-evasion indirect-syscalls shellcode-loader

C 194

1 年前

voidvxvt / HellBunny

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

direct-syscalls edr-evasion indirect-syscalls malware-development msvc Windows process-injection edr-bypass dll shellcode-injection shellcode-loader

C 107

6 个月前

EvilBytecode / EByte-Shellcode-Loader

shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually from NTDLL using a hash-based method.

av-evasion evasion fud indirect-syscall indirect-syscalls Shell

D 9

9 个月前