Ulfberht: Shellcode loader
Ulfberht Shellcode loader Features : Indirect syscall. Module stomping. Load a stomped module using APC. Execute the payload with a direct jump (jmp) without creating a new thread. API hashing implemented using the DJB2...
Tagged: shellcode loader
Ghost: Evasive shellcode loader
Ghost Ghost is a shellcode loader project designed to bypass multiple detection capabilities that are usually implemented by an EDR Detection 1 – kernel callbacks kernel callbacks are implemented by an EDR to harness...
