Documentation
Index ¶
- func AutoCheck() (bool, error)
- func BlockDLLs() error
- func CalcShellcode() []byte
- func CheckCpu() bool
- func CheckDisk() (bool, error)
- func CheckDrivers() bool
- func CheckHighPrivs() (bool, error)
- func CheckHostname() (bool, error)
- func CheckInternet() bool
- func CheckMemory() (bool, error)
- func CheckProcess() (bool, error)
- func CheckUsername() (bool, error)
- func ClassicUnhook(funcnames []string, dllpath string) error
- func ConvertDllBytesToShellcode(dll_bytes []byte, dll_func string, func_args string) ([]byte, error)
- func ConvertDllToShellcode(dll_file string, dll_func string, func_args string) ([]byte, error)
- func CreateProcess(shellcode []byte, pid int) error
- func CreateProcessBlockDLLs(cmd string) error
- func CreateRemoteThread(shellcode []byte, pid int) error
- func DetectHooks() ([]string, error)
- func DumpLsass(output_file string) error
- func EnableACG() error
- func EnumSystemLocales(shellcode []byte) error
- func EnumSystemLocalesHalos(shellcode []byte) error
- func EtwpCreateEtwThread(shellcode []byte) error
- func Fibers(shellcode []byte) error
- func FullUnhook(dlls_to_unhook []string) error
- func GetEventLogPid() (int, error)
- func GetFuncPtr(hash string, dll string, hashing_func func(str string) string) (*windows.LazyProc, string, error)
- func GetShellcodeFromFile(file string) ([]byte, error)
- func GetShellcodeFromUrl(url string) ([]byte, error)
- func GetSysId(funcname string) (uint16, error)
- func GetSysIdHash(hash string, dll string, hashing_func func(str string) string) (uint16, string, error)
- func GetSysIdHashHalos(hash string, hashing_func func(str string) string) (uint16, string, error)
- func IsHooked(func_name string) (bool, error)
- func Md5(src string) string
- func NoRWX(shellcode []byte) error
- func NtCreateThreadEx(shellcode []byte, pid int) error
- func NtCreateThreadExHalos(shellcode []byte) error
- func NtQueueApcThreadEx(shellcode []byte) error
- func PatchAmsi() error
- func PatchAmsi2() error
- func PatchEtw() error
- func PatchEtw2() error
- func PerunsUnhook() error
- func Phant0m(eventlog_pid int) error
- func ProcessHollowing(shellcode []byte, proc string, blockdlls bool) error
- func QueueUserApc(shellcode []byte) error
- func RtlCreateUserThread(shellcode []byte, pid int) error
- func Sha1(src string) string
- func Sha256(src string) string
- func Sleep()
- func Syscall(callid uint16, argh ...uintptr) (uint32, error)
- func UuidFromString(shellcode []byte) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CalcShellcode ¶
func CalcShellcode() []byte
func CheckDrivers ¶
func CheckDrivers() bool
func CheckHighPrivs ¶
func CheckHostname ¶
func CheckInternet ¶
func CheckInternet() bool
func CheckMemory ¶
func CheckProcess ¶
func CheckUsername ¶
func ClassicUnhook ¶
func ConvertDllToShellcode ¶
func CreateProcess ¶
use 0 as pid to self-inject
func CreateProcessBlockDLLs ¶
func CreateRemoteThread ¶
use 0 as pid to self-inject
func DetectHooks ¶
func EnumSystemLocales ¶
func EnumSystemLocalesHalos ¶
func EtwpCreateEtwThread ¶
func FullUnhook ¶
Unhooks the specified DLLs (provide full paths).
func GetEventLogPid ¶
func GetFuncPtr ¶
func GetShellcodeFromFile ¶
func GetShellcodeFromUrl ¶
func GetSysIdHash ¶
func GetSysIdHashHalos ¶
func NtCreateThreadEx ¶
func NtCreateThreadExHalos ¶
func NtQueueApcThreadEx ¶
func PatchAmsi2 ¶
func PatchAmsi2() error
func QueueUserApc ¶
func RtlCreateUserThread ¶
func UuidFromString ¶
Types ¶
This section is empty.