Cerbersec / notesLinks
Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.
☆83Updated 3 years ago
Alternatives and similar repositories for notes
Users that are interested in notes are comparing it to the libraries listed below
Sorting:
- ☆113Updated 3 years ago
- POC for frustrating/defeating Malware Analysts☆156Updated 3 years ago
- Infect Shared Files In Memory for Lateral Movement☆194Updated 2 years ago
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- Do some DLL SideLoading magic☆85Updated last year
- It's pointy and it hurts!☆125Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep☆146Updated 4 years ago
- Bypass Malware Time Delays☆102Updated 2 years ago
- ☆133Updated 2 years ago
- ☆85Updated 2 years ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆164Updated 2 years ago
- A fake AMSI Provider which can be used for persistence.☆151Updated 4 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- Detect strange memory regions and DLLs☆185Updated 3 years ago
- Evasive Process Hollowing Techniques☆141Updated 4 years ago
- ☆119Updated last year
- Red Team Operation's Defense Evasion Technique.☆54Updated last year
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…☆137Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Updated 3 years ago
- ☆136Updated 2 years ago
- ETW based POC to identify direct and indirect syscalls☆187Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆89Updated 2 years ago
- ☆108Updated 2 years ago
- Identify and exploit leaked handles for local privilege escalation.☆109Updated 2 years ago
- Simple EDR implementation to demonstrate bypass☆173Updated 5 years ago
- Hookers are cooler than patches.☆170Updated 3 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆107Updated 6 months ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆194Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆114Updated last year