0xBinarySl3uth / Malware_SpecimensLinks
This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for malicious purposes. Exercise discretion and responsibility in their usage. I disclaim any liability for actions resulting from your utilization of this content.
☆17Updated 10 months ago
Alternatives and similar repositories for Malware_Specimens
Users that are interested in Malware_Specimens are comparing it to the libraries listed below
Sorting:
- Malware?☆70Updated 8 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated 11 months ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆93Updated last year
- shell code example☆49Updated last month
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆82Updated 4 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆74Updated 10 months ago
- Next gen process injection technique☆54Updated 4 years ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.☆164Updated 3 months ago
- A collection of position independent coding resources☆79Updated 4 months ago
- Construct the payload at runtime using an array of offsets☆63Updated last year
- Injecting DLL into LSASS at boot☆123Updated last month
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆65Updated 2 months ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- ForsHops☆53Updated 3 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆90Updated last year
- A bunch of scripts and code i wrote.☆141Updated 7 months ago
- ☆110Updated 5 months ago
- ☆86Updated 10 months ago
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- Threadless shellcode injection tool☆65Updated 10 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆63Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆265Updated 9 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆180Updated last year
- kernel-mode DLL Injector☆86Updated 2 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆125Updated 5 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆98Updated 2 months ago
- Section-based payload obfuscation technique for x64☆61Updated 10 months ago
- Shellcode loader☆86Updated 7 months ago