indirect-syscalls

Here are 3 public repositories matching this topic...

VirtualAlllocEx / DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

workshop shellcode syscalls malware-analysis malware-development shellcode-loader antivirus-evasion windows-internals edr-bypass edr-evasion antivirus-bypass malware-development-guide direct-syscalls indirect-syscalls

Updated Jan 19, 2024
C

VirtualAlllocEx / Direct-Syscalls-vs-Indirect-Syscalls

Sponsor

Star

The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls

shellcode-loader av-evasion av-bypass windows-int edr-bypass edr-evasion direct-syscalls indirect-syscalls

Updated Jan 20, 2024
C

EvilBytecode / EByte-Shellcode-Loader

Star

shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually from NTDLL using a hash-based method.

shellcode evasion fud av-evasion shellcode-runner indirect-syscall indirect-syscalls shellcode-laoder

Updated Sep 16, 2024
D

Improve this page

Add a description, image, and links to the indirect-syscalls topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the indirect-syscalls topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly