jrrgimenez/Nim-HalosGate-Injector

Nim-HalosGate-Injector

My Nim implementation of the most common shellcode injector, using Halo's Gate to retrieve system call opcodes dynamically from NTDLL even when EDR API hooks are in place.

It relies heavily on other implementations, so huge thanks to SEKTOR7 [1] for implementing this technique and to @am0nsec and @RtlMateusz for creating the Hell's Gate paper in the first place [2]. Thanks also to @zimawhit3 for his Nim Hell's Gate implementation [3] :)

Usage

Usage is pretty simple. Compile the binary with Nim:

nim c -d=mingw --app=console --cpu=amd64 HalosGate.nim

Then run it on the target machine, specifying the PID of the process into which you want to inject the shellcode:

./HalosGate.exe <PID>

About

Shellcode injector that obtains system call opcodes using the Halo's Gate method to evade EDR hooks.
