<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <!-- Head of the generated home page: encoding and viewport, social-card metadata, icons, feeds, stylesheets and JSON-LD. -->
  <!-- NOTE(review): the generator tag publishes the exact Hugo version to every visitor; confirm that disclosure is intended. -->
  <meta name="generator" content="Hugo 0.92.2">
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <meta name="robots" content="noodp">
  <meta http-equiv="X-UA-Compatible" content="IE=edge, chrome=1">
  <title>aeverj's blog</title>
  <meta name="Description" content="关于 LoveIt 主题">

  <!-- Open Graph and Twitter card metadata used by link previews. -->
  <meta property="og:title" content="aeverj's blog">
  <meta property="og:description" content="关于 LoveIt 主题">
  <meta property="og:type" content="website">
  <meta property="og:url" content="https://aeverj.github.io/">
  <meta property="og:image" content="https://aeverj.github.io/logo.png">
  <meta name="twitter:card" content="summary_large_image">
  <meta name="twitter:image" content="https://aeverj.github.io/logo.png">
  <meta name="twitter:title" content="aeverj's blog">
  <meta name="twitter:description" content="关于 LoveIt 主题">

  <!-- Application name, tile colours and icons. -->
  <meta name="application-name" content="LoveIt">
  <meta name="apple-mobile-web-app-title" content="LoveIt">
  <meta name="theme-color" content="#ffffff">
  <meta name="msapplication-TileColor" content="#da532c">
  <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico">
  <link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
  <link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
  <link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
  <link rel="mask-icon" href="/safari-pinned-tab.svg" color="#5bbad5">
  <link rel="manifest" href="/site.webmanifest">

  <!-- Canonical URL and RSS feed discovery. -->
  <link rel="canonical" href="https://aeverj.github.io/">
  <link rel="alternate" href="/index.xml" type="application/rss+xml" title="aeverj's blog">
  <link rel="feed" href="/index.xml" type="application/rss+xml" title="aeverj's blog">

  <!-- Every stylesheet is a same-origin path, so no cross-origin integrity attribute applies here. -->
  <link rel="stylesheet" href="/lib/normalize/normalize.min.css">
  <link rel="stylesheet" href="/css/style.min.css">
  <link rel="stylesheet" href="/lib/fontawesome-free/all.min.css">
  <link rel="stylesheet" href="/lib/animate/animate.min.css">

  <!-- Search-console ownership token; it is served to every visitor, so treat it as public, not as a secret. -->
  <meta name="google-site-verification" content="rb4qWhYXeieq9xEFnYtkomsh9AeB1A-Ery8bhO64QWo">

  <!-- schema.org WebSite description as JSON-LD (a data block, not executed as script). -->
  <script type="application/ld+json">
{
"@context": "http://schema.org",
"@type": "WebSite",
"url": "https:\/\/aeverj.github.io\/","inLanguage": "zh-CN","description": "关于 LoveIt 主题","license": "This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.","name": "aeverj's blog"
}
</script>
</head>
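<body header-desktop="fixed" header-mobile="auto">
<!-- Theme bootstrap: sets theme="dark" on <body> when localStorage holds theme === 'dark'.
     The fallback branches compare an empty string with 'auto' and 'dark', so in this build they are always false.
     NOTE(review): this inline script needs a nonce or hash if a strict Content-Security-Policy is ever applied. -->
<script type="text/javascript">(window.localStorage && localStorage.getItem('theme') ? localStorage.getItem('theme') === 'dark' : ('' === 'auto' ? window.matchMedia('(prefers-color-scheme: dark)').matches : '' === 'dark')) && document.body.setAttribute('theme', 'dark');</script>
<div id="mask"></div><div class="wrapper"><header class="desktop" id="header-desktop">
  <div class="header-wrapper">
    <div class="header-title">
      <a href="/" title="aeverj's blog"><span class="header-title-pre"><i class='far fa-kiss-wink-heart fa-fw'></i></span><span id="id-1" class="typeit"></span></a>
    </div>
    <!-- Desktop menu. The external GitHub link opens in a new tab with rel="noopener noreferrer":
         "noreferrer" is the recognised keyword, whereas the misspelling "noreffer" is ignored by browsers,
         which leaves the Referer header being sent to the external site.
         NOTE(review): this file is generator output, so the same spelling presumably lives in the theme template; confirm and fix it there too.
         NOTE(review): the theme switch is an anchor with a javascript: URL, which a Content-Security-Policy without 'unsafe-inline' blocks;
         left unchanged because the theme script presumably binds to .theme-switch. -->
    <div class="menu">
      <div class="menu-inner"><a class="menu-item" href="/posts/"> 所有文章 </a><a class="menu-item" href="/tags/"> 标签 </a><a class="menu-item" href="/categories/"> 分类 </a><a class="menu-item" href="/about/"> 关于 </a><a class="menu-item" href="https://github.com/aeverj" title="GitHub" rel="noopener noreferrer" target="_blank"><i class='fab fa-github fa-fw'></i> </a><span class="menu-item delimiter"></span><a href="javascript:void(0);" class="menu-item theme-switch" title="切换主题">
        <i class="fas fa-adjust fa-fw"></i>
      </a>
      </div>
    </div>
  </div>
</header><header class="mobile" id="header-mobile">
  <div class="header-container">
    <div class="header-wrapper">
      <div class="header-title">
        <a href="/" title="aeverj's blog"><span class="header-title-pre"><i class='far fa-kiss-wink-heart fa-fw'></i></span><span id="id-2" class="typeit"></span></a>
      </div>
      <div class="menu-toggle" id="menu-toggle-mobile">
        <span></span><span></span><span></span>
      </div>
    </div>
    <!-- Mobile menu: same entries as the desktop menu, with the same rel="noopener noreferrer" on the external link. -->
    <div class="menu" id="menu-mobile"><a class="menu-item" href="/posts/" title="">所有文章</a><a class="menu-item" href="/tags/" title="">标签</a><a class="menu-item" href="/categories/" title="">分类</a><a class="menu-item" href="/about/" title="">关于</a><a class="menu-item" href="https://github.com/aeverj" title="GitHub" rel="noopener noreferrer" target="_blank"><i class='fab fa-github fa-fw'></i></a><a href="javascript:void(0);" class="menu-item theme-switch" title="切换主题">
      <i class="fas fa-adjust fa-fw"></i>
    </a></div>
  </div>
</header>
<!-- Empty containers for the desktop and mobile search dropdowns. -->
<div class="search-dropdown desktop">
  <div id="search-dropdown-desktop"></div>
</div>
<div class="search-dropdown mobile">
  <div id="search-dropdown-mobile"></div>
</div>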
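<main class="main">
<!-- Home page content: profile card, two article summaries, pagination. The avatar is lazy-loaded from a third-party image host. -->
<div class="container"><div class="page home" posts><div class="home-profile"><div class="home-avatar"><a href="/posts/" title="所有文章"><img
class="lazyload"
src="/svg/loading.min.svg"
data-src="https://avatars.githubusercontent.com/u/37864882?v=4"
data-srcset="https://avatars.githubusercontent.com/u/37864882?v=4, https://avatars.githubusercontent.com/u/37864882?v=4 1.5x, https://avatars.githubusercontent.com/u/37864882?v=4 2x"
data-sizes="auto"
alt="https://avatars.githubusercontent.com/u/37864882?v=4"
title="https://avatars.githubusercontent.com/u/37864882?v=4" /></a></div><h2 class="home-subtitle">认清形势 放弃幻想</h2><div class="links"><a href="https://github.com/aeverj" title="GitHub" target="_blank" rel="noopener noreferrer me"><i class="fab fa-github-alt fa-fw"></i></a><a href="mailto:aeverj@foxmail.com" title="Email" rel=" me"><i class="far fa-envelope fa-fw"></i></a><a href="/index.xml" title="RSS" target="_blank" rel="noopener noreferrer me"><i class="fas fa-rss fa-fw"></i></a></div><h3 class="home-disclaimer">这个博客仅用于技术交流,任何人不得将上述技术用于非法用途</h3></div>
<!-- Links opened with target="_blank" in this block carry rel="noopener noreferrer".
     "noreferrer" is the recognised keyword; the misspelling "noreffer" is ignored by browsers, so the Referer header would still be sent.
     NOTE(review): this file is generator output, so the same spelling presumably lives in the theme template; confirm and fix it there too. -->
<article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
  <a href="/posts/rdi-%E5%8F%8D%E5%B0%84dll%E5%8A%A0%E8%BD%BD/">RDI 反射dll加载(KaynLdr)</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel=" author" class="author"><i class="fas fa-user-circle fa-fw"></i>aeverj</a></span> <span class="post-publish">发布于 <time datetime="2022-05-04">2022-05-04</time></span> <span class="post-category">收录于 <a href="/categories/%E7%BA%A2%E9%98%9F%E6%94%BB%E9%98%B2/"><i class="far fa-folder fa-fw"></i>红队攻防</a></span></div><div class="content"><p>RDI是无文件落地,直接内存加载执行PE的技术,C2中经常使用。</p></div><div class="post-footer">
  <a href="/posts/rdi-%E5%8F%8D%E5%B0%84dll%E5%8A%A0%E8%BD%BD/">阅读全文</a><div class="post-tags">
    <i class="fas fa-tags fa-fw"></i> <a href="/tags/%E5%85%8D%E6%9D%80/">免杀</a>, <a href="/tags/syscall/">syscall</a>, <a href="/tags/rdi/">RDI</a>, <a href="/tags/%E6%97%A0%E6%96%87%E4%BB%B6%E5%8A%A0%E8%BD%BD/">无文件加载</a>, <a href="/tags/%E8%BF%9B%E7%A8%8B%E6%B3%A8%E5%85%A5/">进程注入</a></div></div>
</article><article class="single summary" itemscope itemtype="http://schema.org/Article"><h1 class="single-title" itemprop="name headline">
  <a href="/posts/syscall%E5%85%8D%E6%9D%80/">利用Syscall免杀 v2.0</a>
</h1><div class="post-meta"><span class="post-author"><a href="/" title="Author" rel=" author" class="author"><i class="fas fa-user-circle fa-fw"></i>aeverj</a></span> <span class="post-publish">发布于 <time datetime="2022-02-16">2022-02-16</time></span> <span class="post-category">收录于 <a href="/categories/%E7%BA%A2%E9%98%9F%E6%94%BB%E9%98%B2/"><i class="far fa-folder fa-fw"></i>红队攻防</a></span></div><div class="content"><p>winx64中动态获取syscall调用号,绕过AV/EDR对ntdll的hook</p></div><div class="post-footer">
  <a href="/posts/syscall%E5%85%8D%E6%9D%80/">阅读全文</a><div class="post-tags">
    <i class="fas fa-tags fa-fw"></i> <a href="/tags/%E5%85%8D%E6%9D%80/">免杀</a>, <a href="/tags/.net/">.net</a>, <a href="/tags/syscall/">syscall</a>, <a href="/tags/c++/">C++</a>, <a href="/tags/nimlang/">NimLang</a></div></div>
</article><ul class="pagination"><li class="page-item active">
  <span class="page-link">
    <a href="/">1</a>
  </span>
</li><li class="page-item ">
  <span class="page-link">
    <a href="/page/2/">2</a>
  </span>
</li></ul></div></div>
</main><footer class="footer">
  <!-- Footer credits and licence. The external links use rel="noopener noreferrer" for the same reason as the profile links above. -->
  <div class="footer-container"><div class="footer-line">由 <a href="https://gohugo.io/" target="_blank" rel="noopener noreferrer" title="Hugo 0.92.2">Hugo</a> 强力驱动 | 主题 - <a href="https://github.com/dillonzq/LoveIt" target="_blank" rel="noopener noreferrer" title="LoveIt 0.2.10"><i class="far fa-kiss-wink-heart fa-fw"></i> LoveIt</a>
  </div><div class="footer-line"><i class="far fa-copyright fa-fw"></i><span itemprop="copyrightYear">2019 - 2024</span><span class="author" itemprop="copyrightHolder"> <a href="/" target="_blank"></a></span> | <span class="license"><a rel="license external nofollow noopener noreferrer" href="https://creativecommons.org/licenses/by-nc/4.0/" target="_blank">CC BY-NC 4.0</a></span></div>
  </div>
</footer></div>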
<div id="fixed-buttons"><a href="#" id="back-to-top" class="fixed-button" title="回到顶部">
    <i class="fas fa-arrow-up fa-fw"></i>
  </a><a href="#" id="view-comments" class="fixed-button" title="查看评论">
    <i class="fas fa-comment fa-fw"></i>
  </a>
</div>
<!-- Scripts load in document order: the four libraries, then the inline window.config, then the theme script.
     Every src is a same-origin path under /lib/ or /js/, so no cross-origin integrity attribute applies here.
     NOTE(review): the inline window.config block needs a nonce or hash if a strict Content-Security-Policy is ever applied.
     NOTE(review): the typed header strings read "averj's blog" while the page title is "aeverj's blog"; confirm which spelling is intended. -->
<script type="text/javascript" src="/lib/smooth-scroll/smooth-scroll.min.js"></script>
<script type="text/javascript" src="/lib/lazysizes/lazysizes.min.js"></script>
<script type="text/javascript" src="/lib/clipboard/clipboard.min.js"></script>
<script type="text/javascript" src="/lib/typeit/typeit.min.js"></script>
<script type="text/javascript">window.config={"code":{"copyTitle":"复制到剪贴板","maxShownLines":10},"data":{"id-1":"averj's blog","id-2":"averj's blog"},"typeit":{"cursorChar":null,"cursorSpeed":null,"data":{"id-1":["id-1"],"id-2":["id-2"]},"duration":null,"speed":null}};</script>
<script type="text/javascript" src="/js/theme.min.js"></script>
</body>
</html>