Shellcode injector using direct syscalls
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls.
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Injects shellcode into remote processes using direct syscalls.
ETW-based POC to identify direct and indirect syscalls.
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.
Shellcode injection POC using syscalls.
Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
Inline syscalls made easy for Windows on Clang.
Direct Sparse Odometry
Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
Get fresh Syscalls from a fresh ntdll.dll copy
A stupid game for learning about containers, capabilities, and syscalls.
Semi-direct Visual Odometry
Direct Sparse Mapping
Simple Laser Direct Lithography / Laser Direct Imaging for PCB manufacturing