System Calls For Hackers
- Published on 18 Sep 2024
- In this video I explain the basics of Windows system calls and why you might be interested in them as a malware developer. I then take us to the IDE and write some code. The code consists of a regular Windows function call and a system call to show the difference. Finally, we dig into the application and the difference in the function calls using API Monitor and x64dbg.
Thanks for stopping by!
Discord: / discord
Github: github.com/yti...
Disclaimer: The content in this video is for educational purposes only and not intended to encourage or support any illegal activities. The creator cannot be held responsible for the misuse of the information provided. Viewers are advised to ensure their actions are lawful and safe.
Tags:
c++,hacking,malware,malware development,pentesting,processes,programming,red team,win32,windows,purple team,blue team,winapi,hack,code tutorial,coding,dev,development
Awesome video and content, I followed your steps and wrote the code to test, there is nothing better than writing code to understand and learn, and I appreciate it.
thank you for the feedback!!
Tnx ❤❤
love your videos. any suggestions on books for malware development and/or cpp?
Any of the windows internals books by Mark Russinovich are great: www.amazon.com/stores/Mark-E.-Russinovich/author/B001IGNICC
Tnx bru
Can I request something-
I wanted internals of how ms010 was discovered and exploited.. and how its manual discovery, manual exploitation development of it work..
I will definitely add this to the list of videos to make. Thanks for the suggestion!
so to bypass the EDR we use syscall functions instead of kernel32 dll?
Not directly possible in Windows. But we try using nt functions to dynamically resolve syscalls. Or create proxy functions around winapi functions that indirectly call nt functions.