mirror of https://github.com/vxunderground/VX-API
parent
12ce9b9e5b
commit
1aed815bd8
|
@ -55,6 +55,8 @@ You're free to use this in any manner you please. You do not need to use this en
|
|||
| HashStringSdbm | Ozan Yigit | String Hashing |
|
||||
| HashStringSuperFastHash | Paul Hsieh | String Hashing |
|
||||
| HashStringUnknownGenericHash1A | Unknown | String Hashing |
|
||||
| HashStringSipHash | RistBS | String Hashing |
|
||||
| HashStringMurmur | RistBS | String Hashing |
|
||||
| CreateMd5HashFromFilePath | Microsoft | Cryptography Related |
|
||||
| CreatePseudoRandomInteger | Apple (c) 1999 | Cryptography Related |
|
||||
| CreatePseudoRandomString | smelly__vx | Cryptography Related |
|
||||
|
@ -114,7 +116,8 @@ You're free to use this in any manner you please. You do not need to use this en
|
|||
| GetByteArrayFromFile | smelly__vx | Helper Functions |
|
||||
| Ex_GetHandleOnDeviceHttpCommunication | x86matthew | Helper Functions |
|
||||
| IsRegistryKeyValid | smelly__vx | Helper Functions |
|
||||
FastcallExecuteBinaryShellExecuteEx | smelly__vx | Helper Functions |
|
||||
| FastcallExecuteBinaryShellExecuteEx | smelly__vx | Helper Functions |
|
||||
| GetCurrentProcessIdFromOffset | RistBS | Helper Functions |
|
||||
| GetKUserSharedData | Geoff Chappell | Library Loading |
|
||||
| GetModuleHandleEx2 | smelly__vx | Library Loading |
|
||||
| GetPeb | 29a | Library Loading |
|
||||
|
@ -128,6 +131,8 @@ FastcallExecuteBinaryShellExecuteEx | smelly__vx | Helper Functions |
|
|||
| GetProcAddressSdbm | smelly__vx | Library Loading |
|
||||
| GetProcAddressSuperFastHash | smelly__vx | Library Loading |
|
||||
| GetProcAddressUnknownGenericHash1 | smelly__vx | Library Loading |
|
||||
| GetProcAddressSipHash | RistBS | Library Loading |
|
||||
| GetProcAddressMurmur | RistBS | Library Loading |
|
||||
| GetRtlUserProcessParameters | ReactOS | Library Loading |
|
||||
| GetTeb | ReactOS | Library Loading |
|
||||
| RtlLoadPeHeaders | smelly__vx | Library Loading |
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#include "Win32Helper.h"
|
||||
|
||||
DWORD GetCurrentPid(VOID)
|
||||
DWORD GetCurrentProcessIdFromOffset(VOID)
|
||||
{
|
||||
#if defined(_WIN64)
|
||||
return (UINT32)__readgsqword(0x40);
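Review bot: The renamed `GetCurrentProcessIdFromOffset` still returns `__readgsqword(0x40)` with no comment saying what lives at that offset. On x64, `gs:[0x40]` is `TEB.ClientId.UniqueProcess`, so the function takes the PID directly from the thread environment block instead of calling `GetCurrentProcessId`. A one-line comment above the return, such as `// gs:[0x40] = TEB->ClientId.UniqueProcess (x64); undocumented layout, not a stable contract`, would make that explicit. The function body, including the non-`_WIN64` branch, continues outside this hunk and should get the matching comment for its own offset.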
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
typedef int(WINAPI* RtlUserFiberStart)();
|
||||
|
||||
DWORD ProcessInjectFiberData(_In_ PCHAR Shellcode, _In_ DWORD Length)
|
||||
DWORD __revision_required_ProcessInjectFiberData(_In_ PCHAR Shellcode, _In_ DWORD Length)
|
||||
{
|
||||
NTSTATUS status;
|
||||
DWORD OldProt = 0;
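Review bot: The new name `__revision_required_ProcessInjectFiberData` contains a double underscore, and C++ reserves every identifier containing `__` for the implementation. This affects the definition here and the matching declaration in the header hunk; the existing `__unstable__preview__` declarations follow the same pattern. A non-reserved spelling such as `ProcessInjectFiberData_RevisionRequired` carries the same warning. The prefix also says a revision is needed without saying which, so a short comment above the definition stating what is known to be wrong would help callers and reviewers. The function body continues outside the hunk.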
|
||||
|
|
|
@ -228,7 +228,6 @@
|
|||
<ClCompile Include="MpfGetLsaPidFromNamedPipe.cpp" />
|
||||
<ClCompile Include="MpfGetLsaPidFromRegistry.cpp" />
|
||||
<ClCompile Include="MpfGetLsaPidFromServiceManager.cpp" />
|
||||
<ClCompile Include="MpfLolScheduledPersistenceByAt.cpp" />
|
||||
<ClCompile Include="__unstable__preview__MpfSilentInstallGoogleChromePlugin.cpp" />
|
||||
<ClCompile Include="SendIcmpEchoMessageToIPv4Host.cpp" />
|
||||
<ClCompile Include="OleGetClipboardData.cpp" />
|
||||
|
|
|
@ -456,9 +456,6 @@
|
|||
<ClCompile Include="MpfLolExecuteRemoteBinaryByAppInstaller.cpp">
|
||||
<Filter>Source Files\Windows API Helper Functions\Malicious Capabilities\Lolbins</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="MpfLolScheduledPersistenceByAt.cpp">
|
||||
<Filter>Source Files\Windows API Helper Functions\Malicious Capabilities\Lolbins</Filter>
|
||||
</ClCompile>
|
||||
<ClCompile Include="FastcallExecuteBinaryShellExecuteEx.cpp">
|
||||
<Filter>Source Files\Windows API Helper Functions\Helper Functions</Filter>
|
||||
</ClCompile>
|
||||
|
|
|
@ -211,7 +211,7 @@ BOOL Ex_GetHandleOnDeviceHttpCommunication(_Out_ PHANDLE Handle);
|
|||
DWORD IsRegistryKeyValidW(_In_ HKEY PredefinedKey, _In_ PWCHAR Path);
|
||||
BOOL FastcallExecuteBinaryShellExecuteExW(_In_ PWCHAR FullPathToBinary, _In_ PWCHAR OptionalParameters);
|
||||
BOOL FastcallExecuteBinaryShellExecuteExA(_In_ PCHAR FullPathToBinary, _In_ PCHAR OptionalParameters);
|
||||
DWORD GetCurrentPid(VOID);
|
||||
DWORD GetCurrentProcessIdFromOffset(VOID);
|
||||
|
||||
/*******************************************
|
||||
FINGERPRINTING
|
||||
|
@ -264,7 +264,9 @@ BOOL __unstable__preview__MpfSilentInstallGoogleChromePluginW(_In_ PWCHAR Extens
|
|||
BOOL __unstable__preview__MpfSilentInstallGoogleChromePluginA(_In_ PCHAR ExtensionIdentifier);
|
||||
BOOL MpfLolExecuteRemoteBinaryByAppInstallerW(_In_ PWCHAR RemoteUrlTextFile, _In_ DWORD RemoteUrlLengthInBytes);
|
||||
BOOL MpfLolExecuteRemoteBinaryByAppInstallerA(_In_ PCHAR RemoteUrlTextFile, _In_ DWORD RemoteUrlLengthInBytes);
|
||||
DWORD ProcessInjectFiberData(_In_ PCHAR Shellcode, _In_ DWORD Length);
|
||||
DWORD __revision_required_ProcessInjectFiberData(_In_ PCHAR Shellcode, _In_ DWORD Length);
|
||||
|
||||
|
||||
|
||||
/*******************************************
|
||||
EVASION
|
||||
|
|