├── AntiSimpleVirtual
    ├── AntiSimpleVirtual.cpp
    ├── README.md
    └── antiVirtualBox.cpp
├── ProcessHollowing
    ├── README.md
    └── changeRIPaddressToShellcode
    │   ├── ConsoleApplication1.cpp
    │   └── README.md
├── README.md
├── SysWhisper
    ├── README.md
    ├── syscall-asm.x64.asm
    ├── syscall.c
    ├── syscall.h
    └── test.cpp
├── Use-After-Free
    ├── README.md
    ├── ShellcodeLoader.cpp
    ├── generate_file.py
    └── sc.ini
├── baseAddressToCallDll
    ├── BaseAddressToCallDll.cpp
    └── README.md
├── begin_and_convert.cpp
├── get_api_from_peb
    ├── README.md
    └── test.cpp
├── get_shellcode_from_server
    ├── README.md
    └── test.cpp
├── memorySectionInject
    ├── ConsoleApplication1.cpp
    ├── README.md
    └── memoryMapInjection
    │   ├── ConsoleApplication1.cpp
    │   ├── NtGetNextProcess.cpp
    │   ├── README.md
    │   └── noCreateRemoteThread.cpp
└── parent_process_spoofing
    ├── ConsoleApplication1.cpp
    └── README.md

/AntiSimpleVirtual/AntiSimpleVirtual.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/AntiSimpleVirtual/AntiSimpleVirtual.cpp
--------------------------------------------------------------------------------

/AntiSimpleVirtual/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/AntiSimpleVirtual/README.md
--------------------------------------------------------------------------------

/AntiSimpleVirtual/antiVirtualBox.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/AntiSimpleVirtual/antiVirtualBox.cpp
--------------------------------------------------------------------------------

/ProcessHollowing/README.md:
--------------------------------------------------------------------------------
1 | Process hollowing (puppet process)
2 |
--------------------------------------------------------------------------------

/ProcessHollowing/changeRIPaddressToShellcode/ConsoleApplication1.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/ProcessHollowing/changeRIPaddressToShellcode/ConsoleApplication1.cpp
--------------------------------------------------------------------------------

/ProcessHollowing/changeRIPaddressToShellcode/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/ProcessHollowing/changeRIPaddressToShellcode/README.md
--------------------------------------------------------------------------------

/README.md:
--------------------------------------------------------------------------------
1 | ## some shellcode loaders
2 |
--------------------------------------------------------------------------------

/SysWhisper/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/SysWhisper/README.md
--------------------------------------------------------------------------------

/SysWhisper/syscall-asm.x64.asm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/SysWhisper/syscall-asm.x64.asm
--------------------------------------------------------------------------------

/SysWhisper/syscall.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/SysWhisper/syscall.c
--------------------------------------------------------------------------------

/SysWhisper/syscall.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/SysWhisper/syscall.h
--------------------------------------------------------------------------------

/SysWhisper/test.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/SysWhisper/test.cpp
--------------------------------------------------------------------------------

/Use-After-Free/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/Use-After-Free/README.md
--------------------------------------------------------------------------------

/Use-After-Free/ShellcodeLoader.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/Use-After-Free/ShellcodeLoader.cpp
--------------------------------------------------------------------------------

/Use-After-Free/generate_file.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/Use-After-Free/generate_file.py
--------------------------------------------------------------------------------

/Use-After-Free/sc.ini:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/Use-After-Free/sc.ini
--------------------------------------------------------------------------------

/baseAddressToCallDll/BaseAddressToCallDll.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/baseAddressToCallDll/BaseAddressToCallDll.cpp
--------------------------------------------------------------------------------

/baseAddressToCallDll/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/baseAddressToCallDll/README.md
--------------------------------------------------------------------------------

/begin_and_convert.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/begin_and_convert.cpp
--------------------------------------------------------------------------------

/get_api_from_peb/README.md:
--------------------------------------------------------------------------------
1 | ![image-20230417134710067](https://s2.loli.net/2023/04/17/sWvwY2Dgz8N5jMt.png)
--------------------------------------------------------------------------------

/get_api_from_peb/test.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/get_api_from_peb/test.cpp
--------------------------------------------------------------------------------

/get_shellcode_from_server/README.md:
--------------------------------------------------------------------------------
1 | ![image-20230328212149733](https://s2.loli.net/2023/03/28/ms1M4FltyOoDZ8B.png)
--------------------------------------------------------------------------------

/get_shellcode_from_server/test.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/get_shellcode_from_server/test.cpp
--------------------------------------------------------------------------------

/memorySectionInject/ConsoleApplication1.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/memorySectionInject/ConsoleApplication1.cpp
--------------------------------------------------------------------------------

/memorySectionInject/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/memorySectionInject/README.md
--------------------------------------------------------------------------------

/memorySectionInject/memoryMapInjection/ConsoleApplication1.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/memorySectionInject/memoryMapInjection/ConsoleApplication1.cpp
--------------------------------------------------------------------------------

/memorySectionInject/memoryMapInjection/NtGetNextProcess.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/memorySectionInject/memoryMapInjection/NtGetNextProcess.cpp
--------------------------------------------------------------------------------

/memorySectionInject/memoryMapInjection/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/memorySectionInject/memoryMapInjection/README.md
--------------------------------------------------------------------------------

/memorySectionInject/memoryMapInjection/noCreateRemoteThread.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/memorySectionInject/memoryMapInjection/noCreateRemoteThread.cpp
--------------------------------------------------------------------------------

/parent_process_spoofing/ConsoleApplication1.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/b4nbird/shellcodeLoaders/HEAD/parent_process_spoofing/ConsoleApplication1.cpp
--------------------------------------------------------------------------------

/parent_process_spoofing/README.md:
--------------------------------------------------------------------------------
1 | ![image-20230405194659820](https://s2.loli.net/2023/04/05/Ribm2qefP5ok6Sr.png)
--------------------------------------------------------------------------------