HellsVectoredGate

HellsVectoredGate is a technique that combaines VEH (Vectored Exception Handler)and indirect syscalls allowing the operator to execute native system calls through exception without directly invoking the syscall instruction in a traceable way. You must make specific exceptino (this case uses ACCESS_VIOLATION) so that registered VEH handle it.

Usage

Initializing NTDLL_CONFIG and NT_API structures. Finding SSN of the syscalls and random syscall instruction address:

Memory allocation - NtAllocateVirtualMemory

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
HellsVectoredGate		HellsVectoredGate
Media		Media
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

HellsVectoredGate

Usage

Memory allocation - NtAllocateVirtualMemory

Payload writing - NtWriteVirtualMemory

New access PAGE_EXECUTE_READ - NtProtectVirtualMemory

New thread creation - NtCreateThreadEx

NtWaitForSingleObject

Final results

About

Uh oh!

Releases

Packages

Languages

Sh3lldon/HellsVectoredGate

Folders and files

Latest commit

History

Repository files navigation

HellsVectoredGate

Usage

Memory allocation - NtAllocateVirtualMemory

Payload writing - NtWriteVirtualMemory

New access PAGE_EXECUTE_READ - NtProtectVirtualMemory

New thread creation - NtCreateThreadEx

NtWaitForSingleObject

Final results

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages