antnium

Rework Windows API

Open dobin opened this issue 3 years ago • 0 comments

Currently there are two or three Windows APIs used:

  • arch_windows.c: Reflexxion system call stubs (direct syscalls)
  • inject/: from go-inject, to perform process injection
  • syscalls/: from sliver, to perform sliver-related stuff like donut shellcode injection

At least merge inject/ and syscalls/. Preferably replace with direct syscalls in pure Go, if possible.

dobin, Jun 25 '22 09:06