FunctionStomping (using golang) : A new shellcode injection technique.

Overview

goFunctionStomping

FunctionStomping using golang

Description

This is a brand-new technique for shellcode injection to evade AVs and EDRs. It is inspired by Module Stomping and has some similarities to it. As of this date (23-01-2022), hollows-hunter does not detect it either.

For details, see:

https://idov31.github.io/2022-01-28-function-stomping/

Usage

  1. Add the project dir to your project.
  2. Change the "winApi" package's import method.


Acknowledgments

https://github.com/idov31/functionstomping
https://idov31.github.io/2022-01-28-function-stomping/
Owner
3rsh1