Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/0xflux/gosneak
DLL injector POC written currently in C++ to be wrapped with Go and CGO.
dll-injection dll-injector malware-research syscall syscalls
Last synced: 5 days ago
- Host: GitHub
- URL: https://github.com/0xflux/gosneak
- Owner: 0xflux
- Created: 2023-11-09T20:13:33.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2023-11-18T01:13:11.000Z (about 1 year ago)
- Last Synced: 2024-11-20T22:58:59.056Z (2 months ago)
- Topics: dll-injection, dll-injector, malware-research, syscall, syscalls
- Language: C++
- Homepage: https://fluxsec.red/dll-injection-edr-evasion-1
- Size: 70.3 KB
- Stars: 1
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# GoSneak
A small snippet from my private Go-based malware (for red team operations NOT criminal / malicious) and server control framework, showcasing some simple process injection written in Go and C.
Note: The Go 'bridge' is not currently implemented; I will look to implement the Go wrapper after the C++ POC is done. To see my blog post about this: https://fluxsec.red/dll-injection-edr-evasion-1
**Important**
This is purely PROOF OF CONCEPT and simply injects a DLL into a process for it to be run. This is in NO WAY to be used for malicious purposes and I DO NOT ENDORSE this code being used for malicious purposes.
A screenshot from my [blog](https://fluxsec.red/dll-injection-edr-evasion-1), proof that we are in fact using the assembly, and not the Windows API:
![image](https://github.com/0xflux/GoSneak/assets/49762827/ead5660f-1c47-4aca-9d2e-cd59b42b7e2d)
Proof of injection:
![image](https://github.com/0xflux/GoSneak/assets/49762827/835cae74-920b-4279-bd50-0171c736cacb)
The injector is mostly in C, wrapped in some Go for fun, showing cross-compatibility of classical C development with a higher level language such as Go. I have found there are actual benefits to doing this in respect of anti-detection; something I may blog about in the future!