Repository navigation

indirect-syscalls

Website
Wikipedia

VirtualAlllocEx / DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

antivirus-bypass antivirus-evasion edr-bypass edr-evasion malware-development windows-internals direct-syscalls indirect-syscalls malware-analysis malware-development-guide workshop shellcode-loader syscalls Shell

692

100

3 个月前

VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

av-bypass av-evasion direct-syscalls edr-bypass edr-evasion indirect-syscalls shellcode-loader

204

2 年前

voidvxvt / HellBunny

Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks

direct-syscalls edr-evasion indirect-syscalls malware-development msvc Windows process-injection edr-bypass dll shellcode-injection shellcode-loader

115

8 个月前

EvilBytecode / EByte-Shellcode-Loader

shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually from NTDLL using a hash-based method.

av-evasion evasion fud indirect-syscall indirect-syscalls Shell

1 年前

carved4 / syshash

a c implementation for native syscall resolution and execution on windows x64

indirect-syscalls process-injection

2 个月前

redeflesq / syscall-invoker

PoC for stealthy indirect Windows syscall invocation to bypass API hooks

Assembly edr-bypass edr-evasion indirect-syscalls syscalls Windows x86-64

Assembly

1 个月前