Bypassing Firewall Through Process Injection - Bypasser Source Code

[ihateronaldo11]

Repo is not mine. So be aware of backdoor, viruses.

Description: Download data from the internet bypassing the firewall using process injection

GitHub - redeflesq/firewall-bypass: Download data from the internet bypassing the firewall using process injection

Download data from the internet bypassing the firewall using process injection - GitHub - redeflesq/firewall-bypass: Download data from the internet bypassing the firewall using process injection

github.com

 

[ringlight]

It uses a lot of common WinAPI calls for internet connection. Will be interest to see active detection on the bin on execution. Simple pseudo code on how the above code work.

if (VirtualExecuteEx is called
    AND (WinINet functions are called
         OR CreateRemoteThread or WriteProcessMemory are called)
    AND TargetProcessID is in Blacklist) {
    Trigger Alert;
}