RedTeamCCode: Red Team C Code Repository

Time: 2024-03-23 21:30:03
[File attributes]:

File name: RedTeamCCode: Red Team C Code Repository

File size: 544KB

File format: ZIP

Updated: 2024-03-23 21:30:03

C

RedTeamCCode, a red team C code repository. CrowdStrike hooks ntdll.dll APIs: C:\Users\dev\Desktop>hook_finder_64.exe C:\Windows\System32\ntdll.dll Loading C:\Windows\System32\ntdll.dll ------------------------------------------ BASE 0x00007FFAE0030000 MZÉ PE 0x00007FFAE00300E8 PE ExportTableOffset 0x00007FFAE01812A0 OffsetNameTable 0x00007FFAE01838C0 Function


[File preview]:
RedTeamCCode-main
----PROCESS_CREATION_MITIGATION_POLICY_BLOCK_NON_MICROSOFT_BINARIES_ALWAYS_ON.c(2KB)
----crowdstrike_hook_finder_64.c(2KB)
----all_dlls_crowdstrike_hooks_output.txt(650KB)
----SharpUnHooking.cs(2KB)
----simple_encoder.c(687B)
----minidump_crowdstrike_bypass64.c(5KB)
----minidump-edr-bypass-generic64.c(2KB)
----unhook_crowdstrike_64.c(3KB)
----byebyedll.c(5KB)
----shellcode_runner.c(1KB)
----unhook_sentinelone_64.c(989B)
----sentinelone_hook_finder_64.c(2KB)
----README.md(6KB)
----dump_dlls_export_64.c(1KB)
----byebyedll-debug-poc.exe(62KB)
----system32_dlls_export_list.txt(2.96MB)
