Ab4y98/RogueLoader
# RogueLoader

🚨 Proof of Concept to bypass NTAPI hooking using @maldevacademy's indirect syscalls technique.


## 🔥 Features

  1. Indirect Syscall Bypass via HellsHall (thanks to @maldevacademy)
  2. InetSim Detection – detects an InetSim-style sandbox and halts execution if one is found
  3. API Hashing – resolves functions by hash rather than by name for stealth
  4. IAT Obfuscation – evades static analysis tools that inspect the import table
  5. Debugger Check – anti-debug trickery
  6. XOR-Based Decryption – the payload is stored XOR-encrypted and decrypted at runtime before execution

## Usage

Encrypt your payload:

```
XOR.exe <file_path> <key>
```

Launch the loader:

```
Loader.exe
```
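From the analyst's side, the XOR step above is the weak link: a PE payload that has been XOR-encrypted with a short repeating key can be recovered from the ciphertext alone, because the first bytes of every PE (the DOS header) are predictable. The script below is an added triage example, not code from the RogueLoader repository; it assumes (not stated on this page) that `XOR.exe` applies the key bytes cyclically over the whole file, and it constructs its own PE-shaped sample rather than using any real binary.

```python
"""Recover a repeating-key XOR'd PE payload from its ciphertext (triage helper).

Constructed example, not part of RogueLoader. Assumes the loader's XOR.exe
XORs the key bytes cyclically over the file (assumption). The key is derived
from the well-known DOS-header prefix and validated by checking the 'MZ' and
'PE\\0\\0' signatures after full decryption.
"""
import struct
from typing import Optional

# First 16 bytes of the DOS header as emitted by common linkers
# (e_magic="MZ", e_cblp=0x90, e_cp=3, e_crlc=0, e_cparhdr=4, e_minalloc=0, e_maxalloc=0xffff).
KNOWN_DOS_HEADER = bytes.fromhex("4d5a90000300000004000000ffff0000")


def xor_repeating(data: bytes, key: bytes) -> bytes:
    """XOR every byte of data with the key, cycling the key (symmetric operation)."""
    if not key:
        raise ValueError("key must not be empty")
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def looks_like_pe(data: bytes) -> bool:
    """Check the 'MZ' magic and the 'PE\\0\\0' signature at e_lfanew."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def recover_xor_key(blob: bytes, max_key_len: int = 16) -> Optional[bytes]:
    """Derive the repeating key from the known DOS-header prefix.

    ciphertext XOR known-plaintext gives the keystream for the first 16 bytes;
    the shortest period of that keystream whose full decryption validates as a
    PE is returned. Keys longer than 16 bytes need more known plaintext and are
    not found here. A key like b"abab" is reported as b"ab" (same decryption).
    """
    if len(blob) < len(KNOWN_DOS_HEADER):
        return None
    keystream = xor_repeating(blob[:len(KNOWN_DOS_HEADER)], KNOWN_DOS_HEADER)
    for period in range(1, min(max_key_len, len(keystream)) + 1):
        candidate = keystream[:period]
        periodic = all(keystream[i] == candidate[i % period] for i in range(len(keystream)))
        if periodic and looks_like_pe(xor_repeating(blob, candidate)):
            return candidate
    return None


def build_sample_pe() -> bytes:
    """Construct a minimal PE-shaped blob (constructed test data, not a real binary)."""
    dos = bytearray(0x40)
    dos[:len(KNOWN_DOS_HEADER)] = KNOWN_DOS_HEADER
    struct.pack_into("<I", dos, 0x3C, 0x40)          # e_lfanew: PE header right after DOS header
    body = b"PE\x00\x00" + b"\x4c\x01" + b"\x00" * 58 + b"payload stub " * 8
    return bytes(dos) + body


if __name__ == "__main__":
    encrypted = xor_repeating(build_sample_pe(), b"s3cr3t")   # stands in for XOR.exe output
    print("recovered key:", recover_xor_key(encrypted))
```

The recovered key is only trusted after the whole blob decrypts to something with both PE signatures in place, which rules out spurious short periods; if the sample's DOS header differs from the common prefix (some linkers emit other values), only the "MZ" bytes are reliable and the period search has to rely on the signature check alone.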

## Screenshot

(Image: RogueLoader Screenshot)

## About

PoC to bypass Userland Hooks
