0xBinarySl3uth / Malware_Specimens
This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for malicious purposes. Exercise discretion and responsibility in their usage. I disclaim any liability for actions resulting from your utilization of this content.
☆16 · updated 7 months ago
Alternatives and similar repositories for Malware_Specimens:
- Malware? ☆69 · updated 5 months ago
- Indirect syscall implementation to bypass userland NTAPI hooking. ☆73 · updated 7 months ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. ☆138 · updated this week
- A modified CONTEXT-based ROP chain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor. ☆92 · updated 11 months ago
- Dirty PoC on how to abuse S1's VEH for vectored syscalls and local execution. ☆42 · updated 8 months ago
- Bypass LSA protection using the BYODLL technique. ☆155 · updated 5 months ago
- Patch AMSI and ETW in a remote process via direct syscall. ☆81 · updated 2 years ago
- Threadless shellcode injection tool. ☆63 · updated 7 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s… ☆58 · updated last year
- Do some DLL SideLoading magic. ☆79 · updated last year
- Create Anti-Copy DRM Malware. ☆54 · updated 6 months ago
- TypeLib persistence technique. ☆108 · updated 4 months ago
- A bunch of scripts and code I wrote. ☆134 · updated 4 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆87 · updated 8 months ago
- A collection of position independent coding resources. ☆66 · updated 3 weeks ago
- Reflectively load and execute PEs locally and remotely, bypassing EDR hooks. ☆151 · updated last year
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface. ☆64 · updated this week
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ☆96 · updated last year
- BOF with Synthetic Stackframe. ☆137 · updated 2 weeks ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers. ☆98 · updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in C that loads a module into the target process and stomps it, an… ☆176 · updated last year
- Red Team Operations' defense evasion technique. ☆52 · updated 9 months ago