3xp0rt / VX-API
Collection of various WINAPI tricks / features used or abused by Malware
☆12 Updated 2 years ago
Related projects:
- a small wiper malware programmed in C# ☆43 Updated last year
- ☆24 Updated last year
- AMSI Bypass for PowerShell ☆29 Updated 2 years ago
- IAT Unhooking proof-of-concept ☆26 Updated 5 months ago
- Red Team Operation's Defense Evasion Technique. ☆50 Updated 3 months ago
- A Flask-based HTTP(S) command and control (C2) with a web frontend. Malleable agent written in Go. ☆35 Updated last year
- An offensive security framework for writing payloads ☆13 Updated 2 years ago
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆19 Updated last year
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ☆39 Updated last year
- This repository contains a tool that can encrypt all types of files and give the encrypted output in the form of an encrypted shellcode. P… ☆14 Updated 2 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc… ☆50 Updated last year
- Make an executable run with TrustedInstaller permissions under SYSTEM account. ☆38 Updated 3 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10 ☆37 Updated last year
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io ☆77 Updated 7 months ago
- ☆28 Updated this week
- Coyote is a standalone C# post-exploitation implant for maintaining access to compromised Windows infrastructure during red team engageme… ☆19 Updated 2 years ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within. ☆31 Updated last year
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users ☆42 Updated last year
- VirusTotal Stealer is a DATA Exfiltration tool that exfiltrates office documents and tunnels them over VirusTotal API to the Team Server ☆62 Updated 11 months ago
- A utility that can be used to launch an executable with a DLL injected ☆19 Updated 10 months ago
- ☆26 Updated this week
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats. ☆41 Updated last year
- This is a simple example of DLL hijacking enabling proxy execution. ☆65 Updated last year
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell) ☆31 Updated 2 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro… ☆21 Updated 2 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable ☆56 Updated 9 months ago
- Rust Weaponization for Red Team Engagements. ☆11 Updated last year
- A privilege escalation vulnerability exists in Windows due to a flaw in the implementation of the Atom Table. An attacker could exploit t… ☆25 Updated this week
- ☆12 Updated this week
- A Bumblebee-inspired Crypter ☆79 Updated last year