💤 laZzzy
This is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.
Features:
— Direct syscalls and native functions;
— Import Address Table (IAT) evasion;
— Encrypted payload (XOR and AES);
— PPID spoofing;
— Blocking of non-Microsoft-signed DLLs;
— etc.
https://github.com/capt-meelo/laZzzy
#maldev #loader #cpp #redteam
👍5
⚙️ Meterpreter BOFLoader
In this guide, you'll learn how the new BOFLoader extension allows BOFs to be used from a Meterpreter session. Discover new attacks made possible in Meterpreter and avoid common errors.
https://www.trustedsec.com/blog/operators-guide-to-the-meterpreter-bofloader
#msf #meterpreter #bof #loader
👍8👎1
⚛️ AtomLdr
A DLL loader with advanced evasive features.
Features:
• DLL unhooking from \KnownDlls\ directory, with no RWX sections
• The encrypted payload is saved in the resource section and retrieved via custom code
• AES256-CBC payload encryption using a custom implementation with no table/data-dependent branches, using ctaes; this is one of the best custom AES implementations I've encountered
• Indirect syscalls, utilizing HellHall with ROP gadgets
• Payload injection using APC calls - alertable thread
• API hashing using two different implementations of the CRC32 string hashing algorithm
• The total size is 17kb
https://github.com/NUL0x4C/AtomLdr
#loader #dll #edr #evasion #redteam
🔥7👍3
Dive into building a BIOS bootloader from scratch to boot an x86 CPU into 64-bit mode. From ASM basics to integrating with C, unravel the complexities step-by-step.
🔗 Research:
https://thasso.xyz/2024/07/13/setting-up-an-x86-cpu.html
🔗 Code:
https://github.com/thass0/blog-code/tree/main/2024-07-13-setting-up-an-x86-cpu
#bios #loader #asm #clang
🔥11👍2