├── .gitignore
├── ApiMatchHandler.cpp
├── ApiMatchHandler.h
├── CMakeLists.txt
├── CMakeLists_all_distro.txt
├── Consumer.h
├── Dockerfile
├── Globals.cpp
├── Globals.h
├── LICENSE
├── MatchHandler.cpp
├── MatchHandler.h
├── README.md
├── Utils.cpp
├── Utils.h
├── clang-astdump-macos_meterpreter.sh
├── clang-query-macos.sh
├── clang-query-macos_meterpreter.sh
├── clang-query_run_linux.sh
├── main.cpp
├── patch_enum_syscalls.c
├── run_example.sh
├── scripts
    ├── generate_include_directives.py
    └── obfuscate_meterpreter_macos.py
└── test
    ├── DelayLoadMetSrv.c
    ├── DelayLoadMetSrv.c.patch
    ├── DelayLoadMetSrv.h
    ├── base_dispatch.c
    ├── base_inject.c
    ├── base_inject.c.ast
    ├── base_inject.c.patch
    ├── kuhl_m_lsadump.c
    ├── kuhl_m_lsadump.c.patch
    ├── messagebox.c.ast
    ├── messagebox_simple.c
    ├── messagebox_simple.c.ast
    ├── messagebox_simple.c.patch
    ├── mod_system.cpp
    ├── mod_system.cpp.patch
    ├── remote_dispatch.c
    ├── remote_dispatch.c.ast
    ├── remote_dispatch.c.patch
    ├── remote_dispatch.h
    ├── remote_thread.c
    ├── remote_thread.c.ast
    ├── simple_test.c
    ├── simple_test.c.ast
    ├── simple_test.c.patch
    ├── string_global_macro.ast
    ├── string_global_macro.c
    ├── string_global_macro.c.patch
    ├── strings_simplest.c
    ├── strings_simplest.c.ast
    ├── strings_simplest.c.patch
    ├── strings_test.ast
    ├── strings_test.c
    └── strings_test.c.patch

/.gitignore:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/.gitignore
--------------------------------------------------------------------------------
/ApiMatchHandler.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/ApiMatchHandler.cpp
--------------------------------------------------------------------------------
/ApiMatchHandler.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/ApiMatchHandler.h
--------------------------------------------------------------------------------
/CMakeLists.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/CMakeLists.txt
--------------------------------------------------------------------------------
/CMakeLists_all_distro.txt:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/CMakeLists_all_distro.txt
--------------------------------------------------------------------------------
/Consumer.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/Consumer.h
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/Dockerfile
--------------------------------------------------------------------------------
/Globals.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/Globals.cpp
--------------------------------------------------------------------------------
/Globals.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/Globals.h
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/LICENSE
--------------------------------------------------------------------------------
/MatchHandler.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/MatchHandler.cpp
--------------------------------------------------------------------------------
/MatchHandler.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/MatchHandler.h
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/README.md
--------------------------------------------------------------------------------
/Utils.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/Utils.cpp
--------------------------------------------------------------------------------
/Utils.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/Utils.h
--------------------------------------------------------------------------------
/clang-astdump-macos_meterpreter.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/clang-astdump-macos_meterpreter.sh
--------------------------------------------------------------------------------
/clang-query-macos.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/clang-query-macos.sh
--------------------------------------------------------------------------------
/clang-query-macos_meterpreter.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/clang-query-macos_meterpreter.sh
--------------------------------------------------------------------------------
/clang-query_run_linux.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/clang-query_run_linux.sh
--------------------------------------------------------------------------------
/main.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/main.cpp
--------------------------------------------------------------------------------
/patch_enum_syscalls.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/patch_enum_syscalls.c
--------------------------------------------------------------------------------
/run_example.sh:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/run_example.sh
--------------------------------------------------------------------------------
/scripts/generate_include_directives.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/scripts/generate_include_directives.py
--------------------------------------------------------------------------------
/scripts/obfuscate_meterpreter_macos.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/scripts/obfuscate_meterpreter_macos.py
--------------------------------------------------------------------------------
/test/DelayLoadMetSrv.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/DelayLoadMetSrv.c
--------------------------------------------------------------------------------
/test/DelayLoadMetSrv.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/DelayLoadMetSrv.c.patch
--------------------------------------------------------------------------------
/test/DelayLoadMetSrv.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/DelayLoadMetSrv.h
--------------------------------------------------------------------------------
/test/base_dispatch.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/base_dispatch.c
--------------------------------------------------------------------------------
/test/base_inject.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/base_inject.c
--------------------------------------------------------------------------------
/test/base_inject.c.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/base_inject.c.ast
--------------------------------------------------------------------------------
/test/base_inject.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/base_inject.c.patch
--------------------------------------------------------------------------------
/test/kuhl_m_lsadump.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/kuhl_m_lsadump.c
--------------------------------------------------------------------------------
/test/kuhl_m_lsadump.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/kuhl_m_lsadump.c.patch
--------------------------------------------------------------------------------
/test/messagebox.c.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/messagebox.c.ast
--------------------------------------------------------------------------------
/test/messagebox_simple.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/messagebox_simple.c
--------------------------------------------------------------------------------
/test/messagebox_simple.c.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/messagebox_simple.c.ast
--------------------------------------------------------------------------------
/test/messagebox_simple.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/messagebox_simple.c.patch
--------------------------------------------------------------------------------
/test/mod_system.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/mod_system.cpp
--------------------------------------------------------------------------------
/test/mod_system.cpp.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/mod_system.cpp.patch
--------------------------------------------------------------------------------
/test/remote_dispatch.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/remote_dispatch.c
--------------------------------------------------------------------------------
/test/remote_dispatch.c.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/remote_dispatch.c.ast
--------------------------------------------------------------------------------
/test/remote_dispatch.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/remote_dispatch.c.patch
--------------------------------------------------------------------------------
/test/remote_dispatch.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/remote_dispatch.h
--------------------------------------------------------------------------------
/test/remote_thread.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/remote_thread.c
--------------------------------------------------------------------------------
/test/remote_thread.c.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/remote_thread.c.ast
--------------------------------------------------------------------------------
/test/simple_test.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/simple_test.c
--------------------------------------------------------------------------------
/test/simple_test.c.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/simple_test.c.ast
--------------------------------------------------------------------------------
/test/simple_test.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/simple_test.c.patch
--------------------------------------------------------------------------------
/test/string_global_macro.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/string_global_macro.ast
--------------------------------------------------------------------------------
/test/string_global_macro.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/string_global_macro.c
--------------------------------------------------------------------------------
/test/string_global_macro.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/string_global_macro.c.patch
--------------------------------------------------------------------------------
/test/strings_simplest.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/strings_simplest.c
--------------------------------------------------------------------------------
/test/strings_simplest.c.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/strings_simplest.c.ast
--------------------------------------------------------------------------------
/test/strings_simplest.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/strings_simplest.c.patch
--------------------------------------------------------------------------------
/test/strings_test.ast:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/strings_test.ast
--------------------------------------------------------------------------------
/test/strings_test.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/strings_test.c
--------------------------------------------------------------------------------
/test/strings_test.c.patch:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/scrt/avcleaner/HEAD/test/strings_test.c.patch
--------------------------------------------------------------------------------