ArtemBaranov / WindowsRootkitsGuideLinks
☆68Updated 4 months ago
Alternatives and similar repositories for WindowsRootkitsGuide
Users that are interested in WindowsRootkitsGuide are comparing it to the libraries listed below
Sorting:
- ☆58Updated 3 months ago
- ☆107Updated 7 months ago
- ☆114Updated last month
- Lena's scripts/code/resources for malware analysis☆27Updated 11 months ago
- Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis☆56Updated 8 months ago
- Configuration Extractors for Malware☆106Updated last month
- BSides Prishtina 2024 Malware Development and Persistence workshop☆81Updated last week
- Vibe Malware Triage - MCP server for static PE analysis.☆53Updated 2 weeks ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 3 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination …☆141Updated 10 months ago
- ☆155Updated 5 months ago
- Persist like a Dodder☆61Updated 2 weeks ago
- Chiron Unpacker, developed by the Malwation MTR Team, is an Unpacker for Packers using the Assembly.Load function.☆19Updated 7 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 2 months ago
- ☆37Updated 5 months ago
- The result of research and investigation of malware development tricks, techniques, evasion, cryptography and linux malware☆45Updated 2 months ago
- "Service-less" driver loading☆155Updated 6 months ago
- A Mythic Agent written in PIC C.☆188Updated 4 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆144Updated 4 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆109Updated 8 months ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆115Updated 6 months ago
- Analyse MSI files for vulnerabilities☆131Updated 9 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆79Updated 9 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆190Updated 3 months ago
- ☆119Updated last year
- Windows rootkit designed to work with BYOVD exploits☆198Updated 4 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆99Updated 3 weeks ago
- ☆20Updated 2 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆20Updated last year