This is stars and forks stats for /EgeBalci/syscall_api repository. As of 10 May, 2024 this repository has 37 stars and 11 forks.
SYSCALL_API syscall_api.asm block is used for dynamically finding the syscall number (SN) inside a function body and performing a manual syscall with the found SN. If SN could not be found inside the given function body, R10 register will be equal to -1. Check here for example code. Block searches for the following common instruction sequence during syscalls. mov r10, rcx mov eax, ??? ; <-- two byte SN here ; ... syscall ret Prior Work & References https://conference.hitb.org/hitbsecconf2023ams/session/windows-syscalls-in-shellcode-advanced-techniques-for-malicious-functionality/ https://github.com/klezVirus/SysWhispers3 https://github.com/jthuraisamy/SysWhispers2 https://github.com/jthuraisamy/SysWhispers https://klezvirus.github.io/RedTeaming/AV_Evasion/NoSysWhisper/ https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/
SYSCALL_API syscall_api.asm block is used for dynamically finding the syscall number (SN) inside a function body and performing a manual syscall with the found SN. If SN could not be found inside the given function body, R10 register will be equal to -1. Check here for example code. Block searches for the following common instruction sequence during syscalls. mov r10, rcx mov eax, ??? ; <-- two byte SN here ; ... syscall ret Prior Work & References https://conference.hitb.org/hitbsecconf2023ams/session/windows-syscalls-in-shellcode-advanced-techniques-for-malicious-functionality/ https://github.com/klezVirus/SysWhispers3 https://github.com/jthuraisamy/SysWhispers2 https://github.com/jthuraisamy/SysWhispers https://klezvirus.github.io/RedTeaming/AV_Evasion/NoSysWhisper/ https://outflank.nl/blog/2019/06/19/red-team-tactics-combining-direct-system-calls-and-srdi-to-bypass-av-edr/
| repo | techs | stars | weekly | forks | weekly |
|---|---|---|---|---|---|
| zisisvakras/mips-tool-pack | Assembly | 23 | 0 | 8 | 0 |
| SynthstromAudible/DelugeFirmware | CC++Tcl | 371 | +2 | 64 | 0 |
| GNOME/libxml2 | CRPGLEHTML | 482 | 0 | 337 | 0 |
| rafi1212122/PemukulPaku | C# | 89 | 0 | 27 | 0 |
| neon-nyan/Collapse | C#Other | 844 | 0 | 51 | 0 |
| apple/swift-cmake-examples | CMakeSwiftC++ | 43 | 0 | 3 | 0 |
| eudoxia0/cmacro | Common LispMakefileC | 862 | +1 | 29 | 0 |
| PrismLauncher/prismlauncher.org | CSSNunjucksJavaScript | 55 | 0 | 106 | 0 |
| refilc/naplo | DartJavaC++ | 75 | +2 | 24 | +1 |
| clragon/e1547 | DartC++CMake | 132 | 0 | 12 | 0 |