https://github.com/hasherezade/loaderine
A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.
- Host: GitHub
- URL: https://github.com/hasherezade/loaderine
- Owner: hasherezade
- Created: 2017-12-25T21:51:17.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2018-04-13T21:17:48.000Z (about 8 years ago)
- Last Synced: 2025-03-20T17:41:50.119Z (about 1 year ago)
- Topics: libpeconv
- Language: C
- Size: 33.2 KB
- Stars: 19
- Watchers: 5
- Forks: 13
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Loaderine
---
A demo that loads and runs code using a detached NTDLL (in order to evade userland hooks that monitor activity).
WARNING: Experimental version.
+ uses library:
https://github.com/hasherezade/libpeconv.git