AbdouRoumi / ProcessHacker-Argument-SpooferLinks
Malware evasion technique by manipulating process command-line arguments to hide the actual executed payload, used to evade the manual detection of ProcessHacker and ProcessExplorer. MITRE ATT&CK ID: T1036.005 (Masquerading: Match Legitimate Name or Location).
☆15Updated 6 months ago
Alternatives and similar repositories for ProcessHacker-Argument-Spoofer
Users that are interested in ProcessHacker-Argument-Spoofer are comparing it to the libraries listed below
Sorting:
- A custom implementation of GetProcAddress, often used in malware to evade detection by bypassing standard API resolution methods☆16Updated 6 months ago
- ☆15Updated 9 months ago
- ☆14Updated 9 months ago
- A custom implementation of GetModuleHandle, often used in malware to evade detection by bypassing standard API resolution methods☆17Updated 5 months ago
- This is an application for both MalwareScanner and MalwareStaging☆17Updated 9 months ago
- Research in progress: A malware that abuses the GPU to accelerate the decryption process.☆21Updated 4 months ago
- A Windows string hashing toolkit for security research and malware analysis.Research implementation of malware-focused algorithms from V…☆15Updated 5 months ago
- This is a repo that contains an implementation of Parent PID spoofing evasion technique, MITRE ID T1036☆12Updated 6 months ago
- Code injection via Asynchronous Procedure Calls to bypass Windows defenses. Mapped to MITRE ATT&CK T1055.004.(Process Injection: Asynchro…☆23Updated 8 months ago
- This Malware is an application for MalwareEvasionTechniques repo .I used in it Registery staging in two modes R/W and I combined it with …☆15Updated 9 months ago
- This is a repo that contains 2 techniques : Local mapping injection and Remote injection technique , MITRE ID T1055☆17Updated 8 months ago
- This is a malware that i used in it remote thread hijacking☆12Updated 9 months ago
- This is a malware that i used in it remote process injection technique, it scans for processes chooses the one you named and inject shell…☆18Updated 9 months ago
- Function Stomping (MITRE ATT&CK ID: T1055.012) — Advanced injection technique overwriting legitimate functions with custom payloads to ev…☆17Updated 6 months ago
- A repository showcasing payload execution control using mutexes, semaphores, and events in Windows, for educational purposes.☆17Updated 6 months ago
- Implements dynamic Windows API resolution via hashing techniques to evade detection. Inspired by techniques mapped to MITRE ATT&CK T1055…☆18Updated 5 months ago
- A powerful PE file inspector for analyzing Portable Executable binaries, providing detailed insights into their structure, headers, and p…☆19Updated 5 months ago
- NTAPI Anti-Debugging Checker and Patcher is a Windows-based tool designed for research purposes, demonstrating how to detect and manipula…☆17Updated 10 months ago
- Native API injector☆26Updated 10 months ago
- nexos source files made by @samdem-ai☆13Updated 8 months ago
- This is a challenge made for NexTrace CTF, Malware Analysis case☆12Updated 8 months ago
- Research project showcasing various malware evasion techniques used to bypass AVs and EDRs, continuously updated with new methods.☆29Updated 5 months ago
- The front-end side of Uventlo Project☆11Updated last year
- NetWise is a bandwidth management and optimization system developed for the DevFest Algiers Hackathon.☆13Updated 8 months ago
- nexos source files made by @samdem-ai☆20Updated 8 months ago
- Config files for my GitHub profile.☆11Updated last year
- ☆12Updated last year
- sharing some writeups for ctf challs :)☆11Updated last year
- ☆10Updated 8 months ago
- Portfolio inspired from nest js official website using React and Material UI☆13Updated 6 months ago