GitHub - Reijaff/offensive

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 18 Commits
include		include
misc		misc
todo		todo
.gitignore		.gitignore
README.txt		README.txt
dll_reflective_loader_64.c		dll_reflective_loader_64.c
dll_unlink_module.c		dll_unlink_module.c
keylogger_kbhit.c		keylogger_kbhit.c
loadlibrary.c		loadlibrary.c
loadlibrary_createremotethread.c		loadlibrary_createremotethread.c
loadlibrary_hook.c		loadlibrary_hook.c
loadlibrary_reflective_dll.c		loadlibrary_reflective_dll.c
manualmap_dll_loader.c		manualmap_dll_loader.c
pe_process_doppelganging.c		pe_process_doppelganging.c
pe_process_ghosting.c		pe_process_ghosting.c
pe_process_herpaderping.c		pe_process_herpaderping.c
pe_process_hollowing.c		pe_process_hollowing.c
peb_process_mask.c		peb_process_mask.c
shellcode_apc.c		shellcode_apc.c
shellcode_apc_earlybird.c		shellcode_apc_earlybird.c
shellcode_apc_testalert.c		shellcode_apc_testalert.c
shellcode_createremotethread.c		shellcode_createremotethread.c
shellcode_createthread.c		shellcode_createthread.c
shellcode_createthread_dinvoke.c		shellcode_createthread_dinvoke.c
shellcode_find_rwx.c		shellcode_find_rwx.c
shellcode_function.c		shellcode_function.c
shellcode_module_stomping.c		shellcode_module_stomping.c
shellcode_sections.c		shellcode_sections.c
shellcode_thread_hijack.c		shellcode_thread_hijack.c
timestomping.c		timestomping.c
tls_callback.c		tls_callback.c
tls_callback_dynamic.c		tls_callback_dynamic.c

Repository files navigation

steal other people's code
learn
adapt
repeat

compile with ( https://github.com/mstorsjo/llvm-mingw clang-15) : 
$ x86_64-w64-mingw32-clang -Os ...

TODO:
- https://github.com/janoglezcampos/c_syscalls
- https://github.com/TheKevinWang/UACHooker
- https://github.com/ch3rn0byl/AngryWindows
- https://github.com/SolomonSklash/UnhookingPOC
- https://github.com/trickster0/TartarusGate/
- https://github.com/suspex0/ProxyJect
- https://github.com/TheCruZ/Simple-Manual-Map-Injector -- manualmap + cleanup
- https://github.com/ethicalblue/Self-Erasing-Code-Example/blob/main/self-erase.asm

- offensive_c linux:
    - https://github.com/bediger4000/userlandexec
    - https://github.com/samuraictf/gatekeeper
    - https://github.com/gaffe23/linux-inject

//
compile with "-Wl,--exclude-all-symbols" to disable automatic function export in dll, mingw

pe file analysis + parsing
 - https://learn.microsoft.com/en-us/windows/win32/debug/pe-format
 - mingw c autocomplete standart libs in vscode
 - vx-api
    
// truncated structure
// get full structure on
// 1. https://www.vergiliusproject.com/
// 2. https://github.com/x64dbg/x64dbg/blob/development/src/dbg/ntdll/ntdll.h
// 3. http://undocumented.ntinternals.net/
// 4. https://github.com/processhacker/phnt
// typedef struct _ND_PEB
// {
// BYTE Reserved1[2];
// BYTE BeingDebugged;
// BYTE Reserved2[1];
// PVOID Reserved3[2];
// PND_PEB_LDR_DATA Ldr;
// } ND_PEB, *PND_PEB;