Cerbersec / notesLinks
Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.
☆84Updated 3 years ago
Alternatives and similar repositories for notes
Users that are interested in notes are comparing it to the libraries listed below
Sorting:
- POC for frustrating/defeating Malware Analysts☆157Updated 3 years ago
- ☆113Updated 3 years ago
- Do some DLL SideLoading magic☆89Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆117Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement☆195Updated 2 years ago
- Bypass Malware Time Delays☆105Updated 3 years ago
- A fake AMSI Provider which can be used for persistence.☆152Updated 4 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆90Updated 3 years ago
- Finding secrets in kernel and user memory☆115Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Updated 3 years ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆170Updated 2 years ago
- It's pointy and it hurts!☆126Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆115Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆101Updated 3 years ago
- Identify and exploit leaked handles for local privilege escalation.☆110Updated 2 years ago
- Hookers are cooler than patches.☆170Updated 3 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Updated 2 years ago
- ☆137Updated 2 years ago
- ☆119Updated last year
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…☆143Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆54Updated last year
- ☆107Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep☆152Updated 4 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆101Updated 3 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆123Updated 2 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆177Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆107Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆88Updated 3 years ago