INDIRECT SYSCALLS REV SHELL

This is for educational purposes ONLY, I am not responsible for what you do with this, you skid

This C++ process injector and reverse shell, uses Indirect Syscalls, to evade antiviruses, and some EDR's.

It will ask for a process to inject, then will use indirect syscalls to do so.

It uses the shellcode from the NTAPI one, the one that connects to 192.168.68.101, on port 4444.

It's a very weak shellcode, it got 7 detections in virustotal, mainly because of the mechanism and signature, which is very easy to decrypt, windows defender is trash tho.

https://www.virustotal.com/gui/file/94b39ba9d83fbf2e557e5be5cffd2eaf8b4f9bee72d6bec4e20f92203d545aa9?nocache=1

Steps to build:

Open the .sln file (Solution) in Visual Studio 2022

Build.

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
.gitattributes		.gitattributes
.gitignore		.gitignore
IndirectSyscalls.sln		IndirectSyscalls.sln
IndirectSyscalls.vcxproj		IndirectSyscalls.vcxproj
IndirectSyscalls.vcxproj.filters		IndirectSyscalls.vcxproj.filters
LICENSE.txt		LICENSE.txt
README.md		README.md
includes.h		includes.h
indirect.asm		indirect.asm
main.cpp		main.cpp

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

INDIRECT SYSCALLS REV SHELL

About

Uh oh!

Releases

Packages

Uh oh!

Contributors 2

Uh oh!

Languages

License

slep2-0/Indirect-Syscalls

Folders and files

Latest commit

History

Repository files navigation

INDIRECT SYSCALLS REV SHELL

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors 2

Uh oh!

Languages

Packages