├── .gitignore
├── 0x00 Study Roadmap
│   └── README.MD
├── 0x01 encoding and encryption
│   ├── AES
│   │   ├── aes.cpp
│   │   └── aesencrypt.py
│   ├── Base64
│   │   └── base64.cpp
│   ├── RC4
│   │   └── rc4.cpp
│   ├── README.MD
│   └── XOR
│       ├── xor.cpp
│       └── xor.py
├── 0x02 common loader
│   ├── CreateThread.cpp
│   ├── EnumThread.cpp
│   ├── README.MD
│   ├── README.assets
│   │   ├── image-20230419174631527.png
│   │   ├── image-20230419174745700.png
│   │   └── image-20230419174847116.png
│   ├── fpointer.cpp
│   ├── remote.cpp
│   └── resource.cpp
├── 0x03 call obfuscation
│   ├── README.assets
│   │   └── image-20240621154127218.png
│   ├── README.md
│   ├── UserDefineApi.h
│   └── main.cpp
├── 0x04 process inject
│   ├── APC injection
│   │   └── apc.cpp
│   ├── CRT injection
│   │   ├── dllmain.cpp
│   │   └── loader.cpp
│   ├── EarlyBird APC
│   │   └── earlybird_apc.cpp
│   └── README.MD
├── 0x05 reflective loader
│   └── README.MD
├── 0x06 HOOK
│   └── README.MD
├── 0x07 Code Cave
│   └── README.MD
├── 0x08 Signature
│   ├── README.MD
│   └── sigthief.py
├── 0x09 Entropy
│   └── README.MD
├── 0x10 Reload NTDLL
│   ├── README.MD
│   ├── README.assets
│   │   └── image.png
│   └── reload ntdll.c++
├── 0x11 PPID Spoofing
│   ├── README.MD
│   ├── classic_ppid_spoofing.cpp
│   ├── emotet-wmi.cpp
│   └── task scheduler.cpp
├── 0x12 DLL Hijacking
│   └── README.MD
├── 0x13 Syscall
│   └── README.MD
├── 0x14 Anti-Sandbox
│   ├── README.MD
│   ├── README.assets
│   │   ├── image-20240618163022126.png
│   │   ├── image-20240619103605078.png
│   │   ├── image-20240619103632913.png
│   │   ├── image-20240619110742026.png
│   │   ├── image-20240619110755917.png
│   │   └── image-20240619155504238.png
│   ├── UserDefineApi(2).h
│   ├── antivm1.h
│   ├── delayexec.h
│   └── main.cpp
├── 0x15 Bypass ETW
│   └── README.MD
├── 0x16 Cmdline Spoof
│   └── README.MD
├── README.assets
│   ├── MyShellcodeLoader (1).png
│   └── image-20240315181542032.png
└── README.md

/.gitignore:
--------------------------------------------------------------------------------
1 |
2 | .DS_Store
3 |
--------------------------------------------------------------------------------
/0x00 Study Roadmap/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x00 Study Roadmap/README.MD
--------------------------------------------------------------------------------
/0x01 encoding and encryption/AES/aes.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x01 encoding and encryption/AES/aes.cpp
--------------------------------------------------------------------------------
/0x01 encoding and encryption/AES/aesencrypt.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x01 encoding and encryption/AES/aesencrypt.py
--------------------------------------------------------------------------------
/0x01 encoding and encryption/Base64/base64.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x01 encoding and encryption/Base64/base64.cpp
--------------------------------------------------------------------------------
/0x01 encoding and encryption/RC4/rc4.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x01 encoding and encryption/RC4/rc4.cpp
--------------------------------------------------------------------------------
/0x01 encoding and encryption/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x01 encoding and encryption/README.MD
--------------------------------------------------------------------------------
/0x01 encoding and encryption/XOR/xor.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x01 encoding and encryption/XOR/xor.cpp
--------------------------------------------------------------------------------
/0x01 encoding and encryption/XOR/xor.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x01 encoding and encryption/XOR/xor.py
--------------------------------------------------------------------------------
/0x02 common loader/CreateThread.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/CreateThread.cpp
--------------------------------------------------------------------------------
/0x02 common loader/EnumThread.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/EnumThread.cpp
--------------------------------------------------------------------------------
/0x02 common loader/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/README.MD
--------------------------------------------------------------------------------
/0x02 common loader/README.assets/image-20230419174631527.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/README.assets/image-20230419174631527.png
--------------------------------------------------------------------------------
/0x02 common loader/README.assets/image-20230419174745700.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/README.assets/image-20230419174745700.png
--------------------------------------------------------------------------------
/0x02 common loader/README.assets/image-20230419174847116.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/README.assets/image-20230419174847116.png
--------------------------------------------------------------------------------
/0x02 common loader/fpointer.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/fpointer.cpp
--------------------------------------------------------------------------------
/0x02 common loader/remote.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/remote.cpp
--------------------------------------------------------------------------------
/0x02 common loader/resource.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x02 common loader/resource.cpp
--------------------------------------------------------------------------------
/0x03 call obfuscation/README.assets/image-20240621154127218.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x03 call obfuscation/README.assets/image-20240621154127218.png
--------------------------------------------------------------------------------
/0x03 call obfuscation/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x03 call obfuscation/README.md
--------------------------------------------------------------------------------
/0x03 call obfuscation/UserDefineApi.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x03 call obfuscation/UserDefineApi.h
--------------------------------------------------------------------------------
/0x03 call obfuscation/main.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x03 call obfuscation/main.cpp
--------------------------------------------------------------------------------
/0x04 process inject/APC injection/apc.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x04 process inject/APC injection/apc.cpp
--------------------------------------------------------------------------------
/0x04 process inject/CRT injection/dllmain.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x04 process inject/CRT injection/dllmain.cpp
--------------------------------------------------------------------------------
/0x04 process inject/CRT injection/loader.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x04 process inject/CRT injection/loader.cpp
--------------------------------------------------------------------------------
/0x04 process inject/EarlyBird APC/earlybird_apc.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x04 process inject/EarlyBird APC/earlybird_apc.cpp
--------------------------------------------------------------------------------
/0x04 process inject/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x04 process inject/README.MD
--------------------------------------------------------------------------------
/0x05 reflective loader/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x05 reflective loader/README.MD
--------------------------------------------------------------------------------
/0x06 HOOK/README.MD:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/0x07 Code Cave/README.MD:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/0x08 Signature/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x08 Signature/README.MD
--------------------------------------------------------------------------------
/0x08 Signature/sigthief.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x08 Signature/sigthief.py
--------------------------------------------------------------------------------
/0x09 Entropy/README.MD:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/0x10 Reload NTDLL/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x10 Reload NTDLL/README.MD
--------------------------------------------------------------------------------
/0x10 Reload NTDLL/README.assets/image.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x10 Reload NTDLL/README.assets/image.png
--------------------------------------------------------------------------------
/0x10 Reload NTDLL/reload ntdll.c++:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x10 Reload NTDLL/reload ntdll.c++
--------------------------------------------------------------------------------
/0x11 PPID Spoofing/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x11 PPID Spoofing/README.MD
--------------------------------------------------------------------------------
/0x11 PPID Spoofing/classic_ppid_spoofing.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x11 PPID Spoofing/classic_ppid_spoofing.cpp
--------------------------------------------------------------------------------
/0x11 PPID Spoofing/emotet-wmi.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x11 PPID Spoofing/emotet-wmi.cpp
--------------------------------------------------------------------------------
/0x11 PPID Spoofing/task scheduler.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x11 PPID Spoofing/task scheduler.cpp
--------------------------------------------------------------------------------
/0x12 DLL Hijacking/README.MD:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/0x13 Syscall/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x13 Syscall/README.MD
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/README.MD
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/README.assets/image-20240618163022126.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/README.assets/image-20240618163022126.png
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/README.assets/image-20240619103605078.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/README.assets/image-20240619103605078.png
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/README.assets/image-20240619103632913.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/README.assets/image-20240619103632913.png
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/README.assets/image-20240619110742026.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/README.assets/image-20240619110742026.png
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/README.assets/image-20240619110755917.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/README.assets/image-20240619110755917.png
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/README.assets/image-20240619155504238.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/README.assets/image-20240619155504238.png
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/UserDefineApi(2).h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/UserDefineApi(2).h
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/antivm1.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/antivm1.h
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/delayexec.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/delayexec.h
--------------------------------------------------------------------------------
/0x14 Anti-Sandbox/main.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x14 Anti-Sandbox/main.cpp
--------------------------------------------------------------------------------
/0x15 Bypass ETW/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x15 Bypass ETW/README.MD
--------------------------------------------------------------------------------
/0x16 Cmdline Spoof/README.MD:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/0x16 Cmdline Spoof/README.MD
--------------------------------------------------------------------------------
/README.assets/MyShellcodeLoader (1).png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/README.assets/MyShellcodeLoader (1).png
--------------------------------------------------------------------------------
/README.assets/image-20240315181542032.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/README.assets/image-20240315181542032.png
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Cherno-x/MyShellcodeLoader/HEAD/README.md
--------------------------------------------------------------------------------