# C/C++
最近学习Windows编程总结
Windows - 文件映射
Windows - 线程同步
Windows - 内存管理
静态恶意代码逃逸(第一课) - 混淆加密bin2shellcode
静态恶意代码逃逸(第二课) - win操作系统内存、内存的申请、执行、加上了异或代码
静态恶意代码逃逸(第三课) - 内存申请优化(先读写后执行)、异或方式
静态恶意代码逃逸(第四课) - 分离免杀、管道
静态恶意代码逃逸(第五课) - 真正意义上的分离、socket
静态恶意代码逃逸(第六课) - winPE、MemoryModule、反射dll
静态恶意代码逃逸(第七课) - 隐藏导入表,减少文件特征
静态恶意代码逃逸(第八课) - 重载的运算符是带有特殊名称的函数
静态恶意代码逃逸(第九课) - 使用HeapCreate API来关闭DEP保护,获取在堆上的代码执行权限,从而绕过对VirtualAlloc的检测
静态恶意代码逃逸(第十课) - 使用UUID的方式存储Shellcode,再介绍一些CALL BACK函数的特性来加载Shellcode
静态恶意代码逃逸(第十一课) - 汇编语言编写Shellcode加载器
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://gitbook.se7ensec.cn/dai-ma-mo-ban/c-c++.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.