0prrr / Malwear-SweetLinks
Malware?
☆74Updated 10 months ago
Alternatives and similar repositories for Malwear-Sweet
Users that are interested in Malwear-Sweet are comparing it to the libraries listed below
Sorting:
- Splitting and executing shellcode across multiple pages☆101Updated 2 years ago
- ☆137Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆105Updated last year
- Patch AMSI and ETW in remote process via direct syscall☆83Updated 3 years ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆149Updated last week
- shell code example☆62Updated 3 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆63Updated last year
- TypeLib persistence technique☆127Updated 10 months ago
- ☆76Updated 7 months ago
- A bunch of scripts and code i wrote.☆143Updated 9 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆96Updated 6 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆76Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆138Updated 2 years ago
- ForsHops☆56Updated 5 months ago
- ☆61Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆180Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆120Updated last year
- ☆122Updated 7 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆131Updated last year
- Linker for Beacon Object Files☆126Updated last month
- Code execution/injection technique using DLL PEB module structure manipulation☆161Updated 2 months ago
- Bypass LSA protection using the BYODLL technique☆168Updated 11 months ago
- A collection of position independent coding resources☆92Updated 6 months ago
- ☆152Updated last year
- An App Domain Manager Injection DLL PoC on steroids☆173Updated last year
- Shellcode loader☆92Updated 9 months ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆98Updated 3 years ago
- Do some DLL SideLoading magic☆86Updated last year