├── Readme.md ├── inc ├── BS_thread_pool.hpp ├── BS_thread_pool_utils.hpp ├── phnt.h └── threadpooling.h ├── res ├── 1.png ├── 2.png └── 3.png └── src ├── Hunt-Sleeping-Beacons.sln ├── Hunt-Sleeping-Beacons ├── Hunt-Sleeping-Beacons.vcxproj ├── Hunt-Sleeping-Beacons.vcxproj.filters ├── Hunt-Sleeping-Beacons.vcxproj.user ├── abnormal_intermodular_call.cpp ├── blocking_apc.cpp ├── blocking_timer.cpp ├── calltrace.hpp ├── calltrace_builder.hpp ├── detection.hpp ├── hardware_breakpoints.cpp ├── hunt-sleeping-beacons.hpp ├── logger.hpp ├── main.cpp ├── misc.hpp ├── non_executable_memory.cpp ├── private_memory.cpp ├── process.hpp ├── process_builder.hpp ├── process_enumerator.hpp ├── process_scanner.hpp ├── return_address_spoofing.cpp ├── scans.hpp ├── stomped_module.cpp ├── suspicious_timer.cpp ├── thread.hpp └── thread_builder.hpp └── UnitTests ├── UnitTests.cpp ├── UnitTests.vcxproj ├── UnitTests.vcxproj.filters ├── UnitTests.vcxproj.user ├── pch.cpp ├── pch.h └── raw_assembly.asm /Readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/Readme.md -------------------------------------------------------------------------------- /inc/BS_thread_pool.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/inc/BS_thread_pool.hpp -------------------------------------------------------------------------------- /inc/BS_thread_pool_utils.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/inc/BS_thread_pool_utils.hpp -------------------------------------------------------------------------------- /inc/phnt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/inc/phnt.h -------------------------------------------------------------------------------- /inc/threadpooling.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/inc/threadpooling.h -------------------------------------------------------------------------------- /res/1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/res/1.png -------------------------------------------------------------------------------- /res/2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/res/2.png -------------------------------------------------------------------------------- /res/3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/res/3.png -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons.sln -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/Hunt-Sleeping-Beacons.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/Hunt-Sleeping-Beacons.vcxproj -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/Hunt-Sleeping-Beacons.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/Hunt-Sleeping-Beacons.vcxproj.filters -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/Hunt-Sleeping-Beacons.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/Hunt-Sleeping-Beacons.vcxproj.user -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/abnormal_intermodular_call.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/abnormal_intermodular_call.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/blocking_apc.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/blocking_apc.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/blocking_timer.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/blocking_timer.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/calltrace.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/calltrace.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/calltrace_builder.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/calltrace_builder.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/detection.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/detection.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/hardware_breakpoints.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/hardware_breakpoints.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/hunt-sleeping-beacons.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/hunt-sleeping-beacons.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/logger.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/logger.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/main.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/main.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/misc.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/misc.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/non_executable_memory.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/non_executable_memory.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/private_memory.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/private_memory.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/process.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/process.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/process_builder.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/process_builder.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/process_enumerator.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/process_enumerator.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/process_scanner.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/process_scanner.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/return_address_spoofing.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/return_address_spoofing.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/scans.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/scans.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/stomped_module.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/stomped_module.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/suspicious_timer.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/suspicious_timer.cpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/thread.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/thread.hpp -------------------------------------------------------------------------------- /src/Hunt-Sleeping-Beacons/thread_builder.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/Hunt-Sleeping-Beacons/thread_builder.hpp -------------------------------------------------------------------------------- /src/UnitTests/UnitTests.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/UnitTests/UnitTests.cpp -------------------------------------------------------------------------------- /src/UnitTests/UnitTests.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/UnitTests/UnitTests.vcxproj -------------------------------------------------------------------------------- /src/UnitTests/UnitTests.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/UnitTests/UnitTests.vcxproj.filters -------------------------------------------------------------------------------- /src/UnitTests/UnitTests.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/UnitTests/UnitTests.vcxproj.user -------------------------------------------------------------------------------- /src/UnitTests/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/UnitTests/pch.cpp -------------------------------------------------------------------------------- /src/UnitTests/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/UnitTests/pch.h -------------------------------------------------------------------------------- /src/UnitTests/raw_assembly.asm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/thefLink/Hunt-Sleeping-Beacons/HEAD/src/UnitTests/raw_assembly.asm --------------------------------------------------------------------------------