
Shellcode loader implementing indirect dynamic syscalls, API hashing, and fileless shellcode retrieval using Winsock2


ASkyeye/HadesLdr

 
 


HadesLdr

A demo of the relevant blog post: Combining Indirect Dynamic Syscalls and API Hashing

Shellcode loader implementing:

  • Indirect dynamic syscalls, by dynamically resolving the SSN and the address of a backed syscall instruction.
  • API hashing, by resolving module and API base addresses from the PEB by hash.
  • Fileless retrieval of chunked RC4 shellcode using Winsock2.

Demo:

met.mp4

References:

  • https://github.com/am0nsec/HellsGate/tree/master
  • https://cocomelonc.github.io/tutorial/2022/04/02/malware-injection-18.html
  • https://blog.sektor7.net/#!res/2021/halosgate.md


Languages

  • C++ 85.5%
  • Python 9.3%
  • Assembly 3.6%
  • C 1.6%