CodeXTF2 / maldev-links
My collection of malware dev links
☆235Updated 2 weeks ago
Related projects: ⓘ
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆291Updated 3 weeks ago
- ☆303Updated 11 months ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆367Updated last month
- Performing Indirect Clean Syscalls☆451Updated last year
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆365Updated last year
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆452Updated 9 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆532Updated 3 weeks ago
- Materials for the workshop "Red Team Ops: Havoc 101"☆325Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆332Updated last year
- Analyse your malware to surgically obfuscate it☆373Updated 11 months ago
- shellcode loader for your evasion needs☆257Updated 3 months ago
- Because AV evasion should be easy.☆297Updated 2 months ago
- Open Source C&C Specification☆215Updated last month
- Protected Process Dumper Tool☆510Updated last year
- TartarusGate, Bypassing EDRs☆519Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆511Updated 2 months ago
- Simulate the behavior of AV/EDR for malware development training.☆443Updated 7 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆380Updated 6 months ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆312Updated 2 months ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.☆468Updated last year
- Centralized resource for listing and organizing known injection techniques and POCs☆212Updated last month
- Amsi Bypass payload that works on Windwos 11☆369Updated last year
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆397Updated last year
- ScareCrow - Payload creation framework designed around EDR bypass.☆240Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆228Updated 3 months ago
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆156Updated 11 months ago
- ☆242Updated 7 months ago
- Lifetime AMSI bypass☆577Updated 11 months ago
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆176Updated 4 months ago
- ☆203Updated 2 years ago