Various code snippets and small PoCs, to be used for tests or as ready-made skeletons.
Type Name Latest commit message Commit time
demoCalc_dll
demo_dll [ADD][demo_dll] Init Nov 16, 2015
drop_and_run
extension_hijacker
inject1
inject2
inject3
inject4
README.md
neutrino_env_check.cpp

README.md

snippets

Various code snippets and small PoCs, to be used for tests or as ready-made skeletons.

  • demo_dll - a small sample DLL with 2 exported functions
  • demoCalc_dll - a small sample DLL (in MASM) deploying calc.exe on load
  • drop_and_run - an EXE dropping and loading a DLL (stored in resources)
  • inject1 - injection demo - patches Entry Point of calc.exe
  • inject2 - injection demo - adds a thread with shellcode to calc.exe
  • inject3 - injection demo - injects shellcode to calc.exe using NtQueueApcThread
  • inject4 - injection demo - injects its own full image (as a new section), applies relocations and deploys a function
  • neutrino_env_check.cpp - a set of defensive environment checks (against VMs, sandboxes, monitoring tools, etc.). Implementation based on Neutrino Bot Loader.