{"id":21222809,"url":"https://github.com/0xflux/gosneak","last_synced_at":"2025-03-15T01:28:58.113Z","repository":{"id":206472077,"uuid":"716758916","full_name":"0xflux/GoSneak","owner":"0xflux","description":"DLL injector POC written currently in C++ to be wrapped with Go and CGO.","archived":false,"fork":false,"pushed_at":"2023-11-18T01:13:11.000Z","size":72,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-21T17:23:51.119Z","etag":null,"topics":["dll-injection","dll-injector","malware-research","syscall","syscalls"],"latest_commit_sha":null,"homepage":"https://fluxsec.red/dll-injection-edr-evasion-1","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xflux.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-11-09T20:13:33.000Z","updated_at":"2024-01-06T09:41:21.000Z","dependencies_parsed_at":"2023-11-18T03:23:09.524Z","dependency_job_id":null,"html_url":"https://github.com/0xflux/GoSneak","commit_stats":null,"previous_names":["0xflux/gosneak"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xflux%2FGoSneak","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xflux%2FGoSneak/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xflux%2FGoSneak/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xflux%2FGoSneak/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xflux","download_url":"https://codeload.github.com/0xflux/GoSneak/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243670770,"owners_count":20328532,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dll-injection","dll-injector","malware-research","syscall","syscalls"],"created_at":"2024-11-20T22:47:22.495Z","updated_at":"2025-03-15T01:28:58.083Z","avatar_url":"https://github.com/0xflux.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GoSneak\n\nA small snippet from my private Go based malware (for red team operations NOT criminal / malicious) and server control framework, showcasing some simple process injection written in Go and C. \n\nNote: The Go 'bridge' is not currently implemented, I will look to implement the Go wrapper after the C++ POC is done. To see my blog post about this: https://fluxsec.red/dll-injection-edr-evasion-1\n\n**Important**\n\nThis is purely PROOF OF CONCEPT and simply injects a DLL into a process for it to be run. This is in NO WAY to be used for malicious purposes and I DO NOT ENDORSE this code being used for malicious purposes. \n\nA screenshot from my [blog](https://fluxsec.red/dll-injection-edr-evasion-1), proof that we are in fact using the assembly, and not the Windows API:\n\n![image](https://github.com/0xflux/GoSneak/assets/49762827/ead5660f-1c47-4aca-9d2e-cd59b42b7e2d)\n\nProof of injection:\n\n![image](https://github.com/0xflux/GoSneak/assets/49762827/835cae74-920b-4279-bd50-0171c736cacb)\n\nThe injector is mostly in C, wrapped in some Go for fun, showing cross compatability of classical C development with a higher level language such as Go. I have found there are actual benefits to doing this in respect of anti-detection; something I may blog about in the future!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xflux%2Fgosneak","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xflux%2Fgosneak","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xflux%2Fgosneak/lists"}