An modern 64-bit position independent implant template.
#include <Common.h>
#include <Constexpr.h>
FUNC VOID Main(
_In_ PVOID Param
) {
STARDUST_INSTANCE
PVOID Message = { 0 };
//
// resolve kernel32.dll related functions
//
if ( ( Instance()->Modules.Kernel32 = LdrModulePeb( H_MODULE_KERNEL32 ) ) ) {
if ( ! ( Instance()->Win32.LoadLibraryW = LdrFunction( Instance()->Modules.Kernel32, HASH_STR( "LoadLibraryW" ) ) ) ) {
return;
}
}
//
// resolve user32.dll related functions
//
if ( ( Instance()->Modules.User32 = Instance()->Win32.LoadLibraryW( L"User32" ) ) ) {
if ( ! ( Instance()->Win32.MessageBoxW = LdrFunction( Instance()->Modules.User32, HASH_STR( "MessageBoxW" ) ) ) ) {
return;
}
}
Message = NtCurrentPeb()->ProcessParameters->ImagePathName.Buffer;
//
// pop da message
//
Instance()->Win32.MessageBoxW( NULL, Message, L"Stardust MessageBox", MB_OK );
}
I have written a Blog post about how it fully works and the reason behind it.
SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…
The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…
The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…
The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…
AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…
Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…