https://github.com/cybersecurityup/directsyscall-example
Example of direct syscalls in Windows using NtOpenFile and NtClose Syscalls
Last synced: 4 months ago
- Host: GitHub
- URL: https://github.com/cybersecurityup/directsyscall-example
- Owner: CyberSecurityUP
- Created: 2024-07-15T01:38:34.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-07-15T01:48:57.000Z (almost 2 years ago)
- Last Synced: 2025-09-06T17:54:21.447Z (10 months ago)
- Language: C++
- Homepage:
- Size: 196 KB
- Stars: 5
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# DirectSyscall-Example
An example of how to use direct syscalls in a Windows environment. It demonstrates opening and closing a file using the `NtOpenFile` and `NtClose` syscalls, which are defined in assembly and called from C.
## Overview
The project consists of the following components:
- Assembly Code (direct_syscalls.asm): Defines the syscall procedures for NtOpenFile and NtClose.
- Header File (syscalls.h): Declares the external syscall numbers and function prototypes.
- C Code (DirectSyscall.cpp): Implements the main logic to get syscall numbers, initialize structures, and call the syscalls to open and close a file.
References:
- [Configure your assembly setup](https://programminghaven.home.blog/2020/02/16/setup-an-assembly-project-on-visual-studio-2019/)
- [Other direct syscall example code by VirtualAlllocEx](https://github.com/VirtualAlllocEx/Direct-Syscalls-vs-Indirect-Syscalls)
## TO-DO
- Indirect Syscall Example