kuA35sSaasd / HadesLdr

Shellcode Loader Implementing Indirect Dynamic Syscalls, API Hashing, and Fileless Shellcode Retrieval Using Winsock2

HadesLdr

A demo of the relevant blog post: Combining Indirect Dynamic Syscalls and API Hashing

Shellcode loader implementing:

  • Indirect dynamic syscalls, by dynamically resolving the SSN and the address of a backed syscall instruction
  • API hashing, by resolving module and API base addresses from the PEB by hash
  • Fileless, chunked RC4 shellcode retrieval using Winsock2

Demo:

met.mp4

References:

https://github.com/am0nsec/HellsGate/tree/master
https://cocomelonc.github.io/tutorial/2022/04/02/malware-injection-18.html
https://blog.sektor7.net/#!res/2021/halosgate.md

License / Terms of Use

This software should only be used for authorised testing activity and not for malicious use.

By downloading this software you are accepting the terms of use and the licensing agreement.

License: BSD 3-Clause "New" or "Revised" License


Languages

C++ 85.6%, Python 9.3%, Assembly 3.6%, C 1.6%