GitHub / VirtualAlllocEx / DSC_SVC_REMOTE
This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.
JSON API: http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/VirtualAlllocEx%2FDSC_SVC_REMOTE
PURL: pkg:github/VirtualAlllocEx/DSC_SVC_REMOTE
Stars: 54
Forks: 11
Open issues: 0
License: None
Language: C
Size: 21.5 KB
Dependencies parsed at: Pending
Created at: over 2 years ago
Updated at: 27 days ago
Pushed at: over 2 years ago
Last synced at: 6 days ago
Topics: av-bypass, av-evasion, direct-syscalls, edr-bypass, edr-evasion
Funding Links: https://github.com/sponsors/VirtualAlllocEx