Section Mapping Process Injection modified with SysWhispers2 (sw2-secinject): Cobalt Strike BOF

ScriptIdiot/sw2-secinject


This project is a SysWhispers2 practice exercise and relies heavily on https://github.com/apokryptein/secinject

  • RtlCreateUserThread could not be implemented because its syscall cannot be found using SW2.
  • It was replaced with NtCreateThreadEx.
  • Currently, this is only implemented for x64 processes.

How to Make

git clone https://github.com/ScriptIdiot/sw2-secinject.git
cd sw2-secinject/src
make

How to Use

Injecting Beacon

sw2-sec-inject PID LISTENER-NAME

Injecting Other Shellcode

sw2-sec-shinject PID /path/to/bin

Code References

https://github.com/apokryptein/secinject

https://github.com/Sh0ckFR/InlineWhispers2
