Windows System Call Tables (NT/2000/XP/2003/Vista/7/8/10/11)
Windows NT Syscall tables
Inline syscalls made easy for Windows with Clang
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
A stupid game for learning about containers, capabilities, and syscalls.
Syscall Shellcode Loader (Work in Progress)
Shellcode injection POC using syscalls.
Shellcode injector using direct syscalls
Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls.
Get fresh Syscalls from a fresh ntdll.dll copy
ETW based POC to identify direct and indirect syscalls
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
OCI hook to trace syscalls and generate a seccomp profile
Simple project using syscalls (via Syswhispers2) to execute MessageBox shellcode.
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)