Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/evilbytecode/evilbytecode-shellcode-go-tactics
Multiple tactics to execute shellcode in Go :}
- Host: GitHub
- URL: https://github.com/evilbytecode/evilbytecode-shellcode-go-tactics
- Owner: EvilBytecode
- License: mit
- Created: 2024-07-21T16:53:32.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2024-07-21T20:35:48.000Z (5 months ago)
- Last Synced: 2024-11-08T10:03:02.970Z (about 1 month ago)
- Topics: evasion, fud, shellcode, shellcode-injection, shellcode-injector, shellcode-loader, shellcode-runner, ud
- Language: Go
- Size: 26.4 KB
- Stars: 14
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Evilbytecode Shellcode Execution Tactics
This repository contains various projects that demonstrate advanced techniques for executing shellcode and performing memory manipulation.
## Features
- **APC Injection**
  Exploits the Asynchronous Procedure Call (APC) technique to execute malicious code within target processes.
- **Early Bird APC Injection**
  A variation of APC Injection focusing on executing code before the main process starts.
- **Local Mapping Injection**
  Demonstrates malicious code injection via memory mapping into local processes.
- **Local Payload Execution**
  Addresses the direct execution of malicious payloads in a system's local environment.
- **Payload Execution Fibers**
  Demonstrates running shellcode using Fibers, a type of lightweight thread.
- **Payload Placement**
  Shows how to store shellcode in the .text section of a process and execute it.
- **Process Injection (Shellcode)**
  Exploits shellcode injection directly into running processes to control or execute malicious tasks.
- **Registry Shellcode**
  Demonstrates writing and reading shellcode to/from the Windows Registry.
- **Remote Function Stomping Injection**
  Exploits the substitution of functions in remote systems to carry out malicious activities.
- **Remote Mapping Injection**
  Demonstrates malicious code injection via memory mapping into remote processes.
- **Remote Thread Hijacking**
  Focuses on hijacking threads in remote system processes to execute malicious code.
- **Threadless Injection**
  Demonstrates threadless injection using Go & C, where shellcode is injected without creating a new thread.

## Contributing
Contributions are welcome! If you have improvements or additional techniques to add, please fork the repository and submit a pull request. Ensure your code follows the project's coding standards and includes relevant documentation.
## License
This repository is licensed under the MIT License. See the [LICENSE](LICENSE) file for more details.
## Disclaimer
This repository is intended for educational purposes only. The techniques demonstrated here are for understanding security vulnerabilities and enhancing defensive measures. Unauthorized use of these techniques may have legal consequences.
---