Golang library for malware development
☆385 | Nov 20, 2024 | Updated last year
Alternatives and similar repositories for maldev
Users that are interested in maldev are comparing it to the libraries listed below
- Shellcode loader generator with multiple features | ☆506 | Dec 31, 2024 | Updated last year
- indirect syscalls for AV/EDR evasion in Go assembly | ☆371 | Jun 13, 2023 | Updated 2 years ago
- Go shellcode loader that combines multiple evasion techniques | ☆389 | Jun 21, 2023 | Updated 2 years ago
- Golang weaponization for red teamers. | ☆516 | Jan 17, 2024 | Updated 2 years ago
- This repo contains C/C++ snippets that can be handy in specific offensive scenarios. | ☆762 | Jan 26, 2025 | Updated last year
- Go implementation of the self-deletion of a running executable from disk | ☆113 | Jun 6, 2023 | Updated 2 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes | ☆1,040 | Jun 20, 2023 | Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end. | ☆1,198 | Oct 16, 2023 | Updated 2 years ago
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST | ☆721 | Aug 18, 2023 | Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons | ☆714 | Mar 4, 2023 | Updated 2 years ago
- Terminate AV/EDR Processes using kernel driver | ☆352 | Jun 12, 2023 | Updated 2 years ago
- A modern 32/64-bit position independent implant template | ☆1,293 | Mar 21, 2025 | Updated 11 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024 | ☆283 | Jun 15, 2024 | Updated last year
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre) | ☆258 | Jun 29, 2024 | Updated last year
- kill anti-malware protected processes (BYOVD) | ☆968 | Jul 21, 2023 | Updated 2 years ago
- Block any Process to open HANDLE to your process, only SYSTEM is allowed to open handle to your process, with that you can avoid remote m… | ☆173 | Apr 27, 2023 | Updated 2 years ago
- Performing Indirect Clean Syscalls | ☆605 | Apr 19, 2023 | Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird … | ☆776 | Jan 26, 2026 | Updated last month
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom) | ☆360 | Mar 2, 2024 | Updated last year
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low". | ☆747 | May 23, 2025 | Updated 9 months ago
- PE obfuscator with Evasion in mind | ☆213 | Apr 25, 2023 | Updated 2 years ago
- RedGuard is a C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check. | ☆1,562 | Aug 20, 2024 | Updated last year
- C# Reflective loader for unmanaged binaries. | ☆446 | Jan 25, 2023 | Updated 3 years ago
- PoC Implementation of a fully dynamic call stack spoofer | ☆917 | Jul 20, 2024 | Updated last year
- Now You See Me, Now You Don't | ☆1,024 | Jan 23, 2026 | Updated last month
- yet another sleep encryption thing. also used the default github repo name for this one. | ☆69 | May 11, 2023 | Updated 2 years ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes. | ☆407 | Aug 22, 2023 | Updated 2 years ago
- Indirect syscalls + DInvoke made simple. | ☆96 | Dec 24, 2024 | Updated last year
- Because AV evasion should be easy. | ☆859 | Nov 28, 2024 | Updated last year
- C++ self-Injecting dropper based on various EDR evasion techniques. | ☆427 | Feb 11, 2024 | Updated 2 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans | ☆407 | Sep 12, 2023 | Updated 2 years ago
- Protected Process Dumper Tool | ☆576 | Aug 30, 2023 | Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique. | ☆433 | Dec 21, 2023 | Updated 2 years ago
- CobaltStrike beacon in rust | ☆208 | Aug 10, 2024 | Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass | ☆368 | Apr 19, 2023 | Updated 2 years ago
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques. | ☆501 | Jan 10, 2023 | Updated 3 years ago
- Real fucking shellcode encryptor & obfuscator tool | ☆1,012 | Jan 7, 2026 | Updated last month
- Source generator to add D/Invoke and indirect syscall methods to a C# project. | ☆190 | Mar 4, 2024 | Updated last year
- ☆223 | Mar 10, 2024 | Updated last year