This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for malicious purposes. Exercise discretion and responsibility in their usage. I disclaim any liability for actions resulting from your utilization of this content.
☆19 · Aug 4, 2024 · Updated last year
Alternatives and similar repositories for Malware_Specimens
Users that are interested in Malware_Specimens are comparing it to the libraries listed below.
- Metamorphic Permutating High-Obfuscating Reassembler. Coded by The Mental Driller/29A. ☆27 · Aug 20, 2013 · Updated 12 years ago
- Cobalt Strike notifications via NTFY. ☆15 · Sep 24, 2024 · Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire… ☆32 · May 30, 2024 · Updated 2 years ago
- Various methods of executing shellcode ☆74 · Mar 27, 2023 · Updated 3 years ago
- 📱 RUNIC tamper detection demo - designed to serve as a parallel for understanding more complex tamper detection and integrity systems su… ☆16 · Apr 13, 2024 · Updated 2 years ago
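- This project brings together excellent offensive and defensive tool projects from across the web, including automated exploitation; scanning for subdomains, sensitive directories, ports and more; exploitation tools for major middleware and CMS vulnerabilities; and incident response materials. ☆14 · Jul 18, 2022 · Updated 3 years ago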
- C++ Reflective Assembly Loader ☆33 · Mar 7, 2025 · Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆134 · Jun 16, 2024 · Updated last year
- A python metamorphic engine for PE/PE+ files. ☆15 · Jan 1, 2023 · Updated 3 years ago
- A bunch of shenanigans using functions, VEH and more ☆37 · Jun 8, 2025 · Updated last year
- RunPE implementation with multiple evasive techniques (2) ☆282 · Sep 25, 2025 · Updated 8 months ago
- DSE & PG bypass via BYOVD attack ☆81 · Jul 12, 2025 · Updated 11 months ago
- Umbrella will protect your shellcode from the rain. ☆30 · Jun 4, 2025 · Updated last year
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows … ☆269 · Sep 23, 2025 · Updated 8 months ago
- ☆70 · Dec 19, 2024 · Updated last year
- Malware dev tricks. Syscalls part 1. Simple C example ☆12 · Jun 8, 2023 · Updated 3 years ago
- ☆16 · Sep 23, 2021 · Updated 4 years ago
- GhostWriting Injection Technique. ☆201 · Mar 26, 2018 · Updated 8 years ago
- A C++/Asm template for PIC/EXE/DLL malware ☆24 · Aug 12, 2025 · Updated 10 months ago
- A simulation of the RFCTF KOTH game. ☆10 · Aug 14, 2020 · Updated 5 years ago
- Repository focused on advanced Red Team tools and techniques, mainly created with C. It contains projects I have created to understand ma… ☆21 · Updated this week
- Slides for talk given during USCG 2023 combine ☆37 · Sep 6, 2023 · Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end. ☆17 · Aug 14, 2023 · Updated 2 years ago
- A record of the process of learning codeql ☆10 · Jan 27, 2022 · Updated 4 years ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware ☆32 · Oct 28, 2019 · Updated 6 years ago
- ICMP tunnel, a tool for internal network penetration testing ☆10 · Mar 13, 2019 · Updated 7 years ago
- This tool exploits Golden DMSA attack against delegated Managed Service Accounts. ☆99 · Jul 15, 2025 · Updated 11 months ago
- A Windows PE packer for executables (x64) with LZMA compression and with full TLS (Thread Local Storage) support. ☆99 · Oct 27, 2025 · Updated 7 months ago
- Advanced PoC & Research for CVE-2026-0828 (Safetica) and CVE-2025-7771 (ThrottleStop). Analysis of BYOVD (Bring Your Own Vulnerable Drive… ☆41 · Feb 4, 2026 · Updated 4 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow ☆19 · Jun 26, 2025 · Updated 11 months ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique ☆77 · Sep 29, 2022 · Updated 3 years ago
- ☆32 · Jun 1, 2024 · Updated 2 years ago
- Because who doesn't want their fetch tool to have cat ascii ☆10 · Jun 1, 2023 · Updated 3 years ago
- ☆20 · Oct 25, 2024 · Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler. ☆35 · Jun 23, 2024 · Updated last year
- Havoc plugin allowing in-memory execution of PowerShell cmdlets ☆14 · Dec 14, 2023 · Updated 2 years ago
- ☆69 · Apr 20, 2026 · Updated last month
- Some fixes for the not-so-refreshing visual refresh Discord rolled out ☆12 · Mar 26, 2025 · Updated last year
- Call the CLR interface from memory to load powershell, process-less powershell ☆15 · Sep 7, 2023 · Updated 2 years ago