3xp0rt / VX-API
Collection of various WINAPI tricks / features used or abused by Malware
☆13 Updated 3 years ago
Alternatives and similar repositories for VX-API:
Users that are interested in VX-API are comparing it to the libraries listed below
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆20 Updated 2 years ago
- Repository for archiving Cobalt Strike configuration ☆29 Updated this week
- PoC MSI payload based on ASEC/AhnLab's blog post ☆23 Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package ☆33 Updated 2 years ago
- Firefox webInjector capable of injecting code into webpages using a mitmproxy. ☆40 Updated 2 years ago
- ☆27 Updated 2 years ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io ☆82 Updated last year
- ☆18 Updated 6 months ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ☆41 Updated last year
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes. ☆62 Updated last year
- EventLogSilencer is a PowerShell script designed to disable Windows Event Logging ☆16 Updated last year
- A collection of source code, binaries, and compilation scripts designed to bypass detection ☆25 Updated 2 years ago
- Simple ransomware written in Rust. Part of the building a rustomware blog post. ☆32 Updated last year
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE ☆65 Updated last year
- A project created with an aim to emulate and test exfiltration of data over different network protocols. ☆31 Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process ☆88 Updated 2 years ago
- All about CVE-2022-30190, aka Follina, that is an RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps … ☆24 Updated 2 years ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. ☆72 Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies ☆32 Updated 2 years ago
- ☆59 Updated last year
- exfiltration/infiltration toolkit ☆23 Updated last year
- using the gpu to hide your payload ☆57 Updated 2 years ago
- ☆27 Updated last year
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously ☆31 Updated 2 years ago
- CSharp4Pentesters ☆12 Updated 3 years ago
- A Bumblebee-inspired Crypter ☆80 Updated 2 years ago
- A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t… ☆26 Updated 7 months ago
- the Open Source and Pure C++ Packer for eXecutables ☆20 Updated 2 years ago
- A collection of my presentation materials. ☆17 Updated 11 months ago
- NativePayload_PE1/PE2, Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R… ☆58 Updated last year