AlicanAkyol / eagle
Bypass Antivm and Cuckoo Sandbox Techniques
☆13Updated 7 years ago
Related projects: ⓘ
- ☆16Updated 4 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆36Updated 7 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆21Updated 7 years ago
- Malware monitor template based on MinHook☆16Updated 9 years ago
- User-mode hook bypassing method☆32Updated 8 years ago
- Simple PE packer with RtlCompressBuffer☆21Updated 8 years ago
- PoC for detecting and dumping process hollowing code injection☆49Updated 5 years ago
- drvtriks kernel driver for Windows 7 SP1 and 8.1 x64, that tricks around in your system.☆31Updated 6 years ago
- Class implementation of PowerLoader injection technique☆29Updated 7 years ago
- ☆23Updated this week
- Anti-AV compilation☆42Updated 10 years ago
- ☆19Updated this week
- Kernel mode windows NT API logger☆21Updated 5 years ago
- find and kill injectedThreads from memory☆10Updated 8 years ago
- NoREpls - Application designed for the purposes of reverse engineering.☆10Updated 6 years ago
- ☆16Updated 7 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆25Updated 7 years ago
- Brand New Code Injection for Windows https://breakingmalware.com/injection-techniques/atombombing-brand-new-code-injection-for-windows☆19Updated 7 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 6 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆18Updated 8 years ago
- The Grum Spam Bot☆20Updated 9 years ago
- Bootkits Revisited☆41Updated 10 years ago
- ☆24Updated this week
- Windows 10 UAC bypass PoC using LaunchInfSection☆34Updated 6 years ago
- ☆21Updated 3 years ago
- Code Injector Using Code Caves☆14Updated 9 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆73Updated 9 years ago
- Old exploits and code for my self-referencing PML4 technique (2014)☆30Updated 9 years ago
- User-mode part of Zerokit platform☆20Updated 5 years ago
- A simple native code virtualizer for 32-bit Windows PE☆14Updated 8 years ago