0xvpr / Malicious-Software-Research
A repository dedicated to researching, documenting, developing, and ultimately, defending against various strains of malicious software.
☆25, updated 5 months ago
Related projects:
- NativePayload_PE1/PE2, Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R… (☆57, updated last year)
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) (☆39, updated last year)
- Red Team Operation's Defense Evasion Technique. (☆50, updated 3 months ago)
- abusing Process Hacker driver to terminate other processes (BYOVD) (☆81, updated last year)
- Akame is an open-source, UD shellcode loader written in C++17. (☆19, updated 2 months ago)
- ☆26, updated this week
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit (☆35, updated 10 months ago)
- This is my own implementation of the Perun's Fart technique by Sektor7 (☆64, updated 2 years ago)
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat… (☆86, updated 11 months ago)
- ☆55, updated this week
- the Open Source and Pure C++ Packer for eXecutables (☆18, updated last year)
- A method to execute shellcode using RegisterWaitForInputIdle API. (☆50, updated last year)
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly() (☆32, updated 3 years ago)
- ☆33, updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu… (☆35, updated 4 months ago)
- ☆24, updated last year
- Working repo used to experiment with various languages as it relates to offensive security & evasion. (☆28, updated 3 months ago)
- A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique (☆24, updated last year)
- Various methods of executing shellcode (☆67, updated last year)
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… (☆67, updated 7 months ago)
- Your NTDLL vaccine from modern direct syscall methods. (☆35, updated 2 years ago)
- ☆50, updated 2 years ago
- ☆24, updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… (☆20, updated this week)
- ☆39, updated this week
- This is a simple example of DLL hijacking enabling proxy execution. (☆65, updated last year)
- PoC-Malware-TTPs (☆48, updated last year)
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked (☆36, updated last year)
- Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM… (☆36, updated 10 months ago)
- ☆50, updated this week