This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for malicious purposes. Exercise discretion and responsibility in their usage. I disclaim any liability for actions resulting from your utilization of this content.
☆17 · Aug 4, 2024 · Updated last year
Alternatives and similar repositories for Malware_Specimens
Users that are interested in Malware_Specimens are comparing it to the libraries listed below
- Cobalt Strike notifications via NTFY. ☆15 · Sep 24, 2024 · Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire… ☆33 · May 30, 2024 · Updated last year
- ☆16 · Sep 23, 2021 · Updated 4 years ago
- A C++/Asm template for PIC/EXE/DLL malware ☆24 · Aug 12, 2025 · Updated 6 months ago
- Infects PE files with a shellcode ☆22 · Oct 20, 2018 · Updated 7 years ago
- ☆32 · Jun 1, 2024 · Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler. ☆34 · Jun 23, 2024 · Updated last year
- Various methods of executing shellcode ☆74 · Mar 27, 2023 · Updated 2 years ago
- Call the CLR interface from memory to load powershell, process-less powershell ☆15 · Sep 7, 2023 · Updated 2 years ago
- Windows Sandbox Framework ☆40 · Dec 31, 2021 · Updated 4 years ago
- ☆24 · Nov 11, 2025 · Updated 3 months ago
- RunPE implementation with multiple evasive techniques (2) ☆273 · Sep 25, 2025 · Updated 5 months ago
- ☆10 · Sep 3, 2021 · Updated 4 years ago
- HEVD Exploits for fun and learning. ☆15 · Aug 30, 2025 · Updated 6 months ago
- Windows Privilege Escalation ☆51 · Jun 8, 2022 · Updated 3 years ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware ☆30 · Oct 28, 2019 · Updated 6 years ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible ☆270 · Jun 18, 2025 · Updated 8 months ago
- Impacket is a collection of Python classes for working with network protocols. ☆38 · Oct 13, 2021 · Updated 4 years ago
- A maid cafe's maid AI assistant with Microsoft Semantic Kernel ☆10 · May 11, 2024 · Updated last year
- Queries from the blog posts. ☆15 · Oct 6, 2024 · Updated last year
- ☆15 · Feb 15, 2022 · Updated 4 years ago
- A simple C# password manager that uses SHA256 and AES Encryption. ☆10 · Nov 20, 2020 · Updated 5 years ago
- This is my own custom fork of Bhassani's original repo, which contains the (unfinished) reverse-engineered WannaCry Ransomware-related fi… ☆10 · Mar 7, 2023 · Updated 2 years ago
- slides for talk given during uscg 2023 combine ☆38 · Sep 6, 2023 · Updated 2 years ago
- poc for cve-2025-53772 ☆46 · Dec 10, 2025 · Updated 2 months ago
- C++ Staged Shellcode Loader with Evasion capabilities. ☆96 · Oct 7, 2024 · Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆102 · Jun 16, 2024 · Updated last year
- GhostWriting Injection Technique. ☆195 · Mar 26, 2018 · Updated 7 years ago
- pe reflection tool, which confuses invoke and entry ☆41 · Aug 29, 2022 · Updated 3 years ago
- A Windows PE packer for executables (x64) with LZMA compression and with full TLS (Thread Local Storage) support. ☆93 · Oct 27, 2025 · Updated 4 months ago
- This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions ☆44 · Jun 12, 2024 · Updated last year
- Open Source C&C Specification ☆277 · Feb 28, 2025 · Updated last year
- RTL-SDR 433MHz signal recovery with MATLAB ☆12 · Feb 13, 2015 · Updated 11 years ago
- ☆15 · Mar 28, 2015 · Updated 10 years ago
- Compiled Binaries for Sharp Suite ☆15 · Dec 28, 2019 · Updated 6 years ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library ☆24 · Nov 13, 2025 · Updated 3 months ago
- Malware dev tricks. Syscalls part 1. Simple C example ☆10 · Jun 8, 2023 · Updated 2 years ago
- Injection of MSIL using Cecil ☆12 · Jul 28, 2015 · Updated 10 years ago
- Because who doesn't want their fetch tool to have cat ascii ☆10 · Jun 1, 2023 · Updated 2 years ago