inline_syscall
Corth
inline_syscall | Corth | |
---|---|---|
1 | 3 | |
609 | 20 | |
- | - | |
1.8 | 0.0 | |
almost 2 years ago | over 1 year ago | |
C++ | C++ | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
inline_syscall
-
Can't do exploitation research on a novel unhooking approach without a database of the DLLs for every Windows version. Ideas?
https://github.com/JustasMasiulis/inline_syscall (AFAIK the only library that produces inline-able syscall stubs)
Corth
-
I made a Turing complete, open source programming language that compiles to executable from generated assembly
Here is the link to the pull request, if you're interested.
What are some alternatives?
SysWhispers2 - AV/EDR evasion via direct system calls.
DearPyGui - Dear PyGui: A fast and powerful Graphical User Interface Toolkit for Python with minimal dependencies
lazy_importer - library for importing functions from dlls in a hidden, reverse engineer unfriendly way
wxWidgets - Cross-Platform C++ GUI Library
Black-Angel-Rootkit - Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.
CTAsm - Compile time assembler with nasm syntax
ZwProcessHollowing - ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
introvert
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
olive - Free open-source non-linear video editor