Repository navigation

indirect-syscalls

Website
Wikipedia

VirtualAlllocEx / DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

antivirus-bypass antivirus-evasion edr-bypass edr-evasion malware-development windows-internals direct-syscalls indirect-syscalls malware-analysis malware-development-guide workshop shellcode-loader syscalls Shell

655

1 年前

VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

av-bypass av-evasion direct-syscalls edr-bypass edr-evasion indirect-syscalls shellcode-loader

185

1 年前

voidvxvt / HellBunny

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

direct-syscalls edr-evasion indirect-syscalls malware-development msvc Windows process-injection edr-bypass dll shellcode-injection shellcode-loader

105

4 个月前

EvilBytecode / EByte-Shellcode-Loader

shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually from NTDLL using a hash-based method.

av-evasion evasion fud indirect-syscall indirect-syscalls Shell

7 个月前