A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
☆75 · May 20, 2021 · Updated 4 years ago
Alternatives and similar repositories for TheSubZeroProject
Users that are interested in TheSubZeroProject are comparing it to the libraries listed below
- My experience using Windows API for offensive purposes ☆17 · Jul 10, 2021 · Updated 4 years ago
- ☆15 · Dec 16, 2020 · Updated 5 years ago
- Thawne is a Sentinel for your Program. A trojan that Reinfects systems. It installs itself on the system it's Executed on. After which Th… ☆10 · Oct 13, 2020 · Updated 5 years ago
- My (OLD) RE Take On The Faux Green Petya Ransomware Builder & Client. ☆20 · Jul 8, 2021 · Updated 4 years ago
- Remote Administration Tool, Server Written in C# and Client Written in C++ ☆15 · Dec 8, 2022 · Updated 3 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆41 · Dec 31, 2020 · Updated 5 years ago
- Self delete DLL (2) ☆14 · Feb 15, 2024 · Updated 2 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do… ☆53 · May 31, 2018 · Updated 7 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s… ☆17 · Jul 12, 2022 · Updated 3 years ago
- DarkRats Standalone HVNC ☆25 · May 20, 2022 · Updated 3 years ago
- Reversed source code to the Babuk ransomware builder. ☆17 · Jul 1, 2021 · Updated 4 years ago
- Collection of shellcode injection and execution techniques ☆18 · Aug 21, 2025 · Updated 6 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries ☆30 · Jan 30, 2025 · Updated last year
- Remote PE reflective injection with a simple reflective loader ☆32 · Jun 28, 2019 · Updated 6 years ago
- PoC designed to evade userland-hooking anti-virus. ☆90 · May 15, 2019 · Updated 6 years ago
- JALSI - Just Another Lame Shellcode Injector ☆30 · Aug 1, 2021 · Updated 4 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather than all at once ☆13 · Jul 14, 2022 · Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection. ☆10 · Dec 16, 2021 · Updated 4 years ago
- Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust. ☆11 · May 31, 2022 · Updated 3 years ago
- Injection of MSIL using Cecil ☆12 · Jul 28, 2015 · Updated 10 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory. ☆17 · Sep 29, 2018 · Updated 7 years ago
- Overwrites the whole PE Header ☆20 · Apr 20, 2020 · Updated 5 years ago
- Loading and executing shellcode in C# without PInvoke. ☆22 · Jan 10, 2022 · Updated 4 years ago
- ☆13 · Jan 28, 2017 · Updated 9 years ago
- RunPE using Hell's Gate technique. ☆32 · Dec 4, 2020 · Updated 5 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆39 · Aug 8, 2022 · Updated 3 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆66 · May 2, 2023 · Updated 2 years ago
- A very weird RAT ☆19 · Aug 11, 2022 · Updated 3 years ago
- ☆23 · May 28, 2021 · Updated 4 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress ☆21 · Jul 9, 2022 · Updated 3 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique ☆52 · Dec 6, 2018 · Updated 7 years ago
- Kernel-Mode driver and User-Mode application communication project ☆12 · Jun 24, 2018 · Updated 7 years ago
- Win32 PE Anti-RE and Anti-debugging Framework ☆13 · May 14, 2019 · Updated 6 years ago
- String obfuscator based on the Mealy automata ☆13 · Sep 16, 2017 · Updated 8 years ago
- ☆84 · Aug 26, 2024 · Updated last year
- Research on malware creation and protection ☆64 · Jan 2, 2021 · Updated 5 years ago
- Conti Ransomware Source Code ☆19 · Mar 1, 2022 · Updated 4 years ago
- DarkRat source - beware untested source and resources. ☆21 · Dec 7, 2019 · Updated 6 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S… ☆13 · May 20, 2023 · Updated 2 years ago