Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: indirect-syscalls

VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

Language: C - Size: 24.4 KB - Last synced at: 3 days ago - Pushed at: over 1 year ago - Stars: 190 - Forks: 24

VirtualAlllocEx/DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

Language: C - Size: 16.3 MB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 658 - Forks: 95

voidvxvt/HellBunny

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

Language: C - Size: 617 KB - Last synced at: about 2 hours ago - Pushed at: 5 months ago - Stars: 105 - Forks: 19

EvilBytecode/EByte-Shellcode-Loader

shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually from NTDLL using a hash-based method.

Language: D - Size: 142 KB - Last synced at: about 1 month ago - Pushed at: 8 months ago - Stars: 9 - Forks: 1

Related Keywords
indirect-syscalls 4 direct-syscalls 3 edr-bypass 3 edr-evasion 3 shellcode-loader 3 av-evasion 2 malware-development 2 shellcode 2 maldev 1 msvc 1 native-api 1 ntapi 1 payload-encryption 1 process-injection 1 shellcode-injection 1 windows 1 evasion 1 fud 1 indirect-syscall 1 shellcode-laoder 1 shellcode-runner 1 iat-camouflage 1 dll-sideloading 1 dll 1 api-hashing 1 workshop 1 windows-internals 1 syscalls 1 malware-development-guide 1 malware-analysis 1 antivirus-evasion 1 antivirus-bypass 1 windows-int 1 av-bypass 1