Skip to content

jhalon/SharpCall

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

Properties

Properties

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

Native.cs

Native.cs

 
 

Program.cs

Program.cs

 
 

README.md

README.md

 
 

SharpCall.csproj

SharpCall.csproj

 
 

SharpCall.sln

SharpCall.sln

 
 

Syscalls.cs

Syscalls.cs

 
 

Repository files navigation

SharpCall

Simple proof of concept code that allows you to execute direct system calls in C# by utilizing unmanaged code to bypass EDR and API Hooking.

This Proof of Concept is directly related to the following blog posts:

File Structure:

  • Native.cs: Contains all the Native Window API function calls, as well as the necessary structures, and flag enumerators.
  • Syscalls.cs: Contains the delegate definition and delegate implementation used to execute our syscall assembly from unmanaged memory.
  • Program.cs: Main program application that utilizes our implemented syscall delegate to execute the syscall.

About

Simple PoC demonstrating syscall execution in C#

Resources

Readme
Activity

Stars

145 stars

Watchers

5 watching

Forks

36 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages