panagioto/SyscallHide

SyscallHide

Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.

Odzhan & @therealwover's Donut tool can be used if you don't want to touch the disk.

The tool was tested against:

  • Windows Server 2016
  • Windows 10 1903
  • Windows 7 SP1

Usage

SyscallHide.exe create C:\Windows\Temp\backdoor.exe argument1

Example

SyscallHide.exe create C:\Windows\Temp\backdoor.exe arguement1
[>] Checking OS version details:
         [>] Operating System is Windows 10 or Server 2016, build number 18362.
         [>] Mapping version specific system calls.
         [>] SyscallHide is not running as elevated user.

Bugs

For any bugs give me a shout on Twitter @den_n1s or open an issue.
