Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: direct-syscalls

VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

Language: C - Size: 24.4 KB - Last synced at: 3 days ago - Pushed at: over 1 year ago - Stars: 190 - Forks: 24

annihilatorq/shadow_syscall

windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around KUSER_SHARED_DATA. supported compilers: clang, gcc and msvc

Language: C++ - Size: 249 KB - Last synced at: 1 day ago - Pushed at: 11 days ago - Stars: 178 - Forks: 21

jungjin0003/HellsGate

Hell's Gate (Direct System Call)

Language: C - Size: 0 Bytes - Last synced at: 14 days ago - Pushed at: 15 days ago - Stars: 0 - Forks: 0

VirtualAlllocEx/DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

Language: C - Size: 16.3 MB - Last synced at: 1 day ago - Pushed at: over 1 year ago - Stars: 658 - Forks: 95

VirtualAlllocEx/Direct-Syscalls-A-journey-from-high-to-low

Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).

Language: C - Size: 592 KB - Last synced at: 3 days ago - Pushed at: about 2 years ago - Stars: 133 - Forks: 23

voidvxvt/HellBunny

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

Language: C - Size: 617 KB - Last synced at: about 1 month ago - Pushed at: 5 months ago - Stars: 101 - Forks: 19

Fadouse/BypassETWDirectSyscallShellcodeLoader

BypassETWDirectSyscallShellcodeLoader is a robust C++14 application designed for secure and stealthy shellcode execution. It incorporates advanced anti-debugging and anti-sandboxing techniques to evade detection and analysis, making it suitable for penetration testing and security research.

Language: C++ - Size: 241 KB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 9 - Forks: 0

VirtualAlllocEx/DSC_SVC_REMOTE

This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for local privilege escalation in the context of an unquoted service path, etc. The payload itself can be remotely hosted, downloaded via the wininet library and then executed via direct system calls.

Language: C - Size: 21.5 KB - Last synced at: 3 days ago - Pushed at: about 2 years ago - Stars: 51 - Forks: 11

Related Keywords
direct-syscalls 8 edr-bypass 5 edr-evasion 5 shellcode-loader 4 av-bypass 3 av-evasion 3 indirect-syscalls 3 shellcode 2 malware-development 2 syscalls 2 shellcode-injection 2 maldev 1 iat-camouflage 1 dll-sideloading 1 dll 1 api-hashing 1 workshop 1 windows-internals 1 malware-development-guide 1 malware-analysis 1 windows-int 1 msvc 1 native-api 1 ntapi 1 payload-encryption 1 process-injection 1 windows 1 bypass-antivirus 1 dynamic-api-resolution 1 ettw-bypass 1 injector 1 redteam-tool 1 analysis 1 cpp 1 export 1 getmodulehandle 1 getprocaddress 1 hashing 1 header-only 1 masm 1 obfuscation 1 reverse-engineering 1 shadow-syscalls 1 syscall 1 win-internals 1 direct-system-call 1 hell-gate 1 hellgate 1 hells-gate 1 hellsgate 1 manual-syscall 1 manual-system-call 1 antivirus-bypass 1 antivirus-evasion 1