Demonslay335 / CryptoTester
A utility for playing with cryptography, geared towards ransomware analysis.
☆250 Updated last year
Related projects
Alternatives and complementary repositories for CryptoTester
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ☆494 Updated 7 months ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. ☆623 Updated last year
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls ☆353 Updated last month
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re… ☆434 Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP. ☆628 Updated last year
- TartarusGate, Bypassing EDRs ☆533 Updated 2 years ago
- DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary. ☆478 Updated last year
- Now You See Me, Now You Don't ☆858 Updated last month
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes. ☆383 Updated last year
- Automated DLL Sideloading Tool With EDR Evasion Capabilities ☆458 Updated 11 months ago
- Performing Indirect Clean Syscalls ☆483 Updated last year
- Patching "signtool.exe" to accept expired certificates for code-signing. ☆271 Updated 4 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird … ☆561 Updated last month
- A dynamic unpacking tool ☆128 Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. ☆244 Updated 5 months ago
- A Highly capable Pe Packer ☆684 Updated 2 years ago
- PoCs for Kernelmode rootkit techniques research. ☆334 Updated last week
- Extract C2 Traffic ☆245 Updated 6 months ago
- Reflective DLL Injection Made Bella ☆200 Updated last month
- PoC Implementation of a fully dynamic call stack spoofer ☆708 Updated 4 months ago
- An easily modifiable shellcode template for Windows x64 written in C ☆197 Updated last year
- The Definitive Guide To Process Cloning on Windows ☆436 Updated 10 months ago
- Signtool for expired certificates ☆455 Updated last year
- Important notes and topics on my journey towards mastering Windows Internals ☆341 Updated 6 months ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht… ☆621 Updated last year
- Tools and PoCs for Windows syscall investigation. ☆354 Updated 6 months ago
- For when DLLMain is the only way ☆353 Updated 3 weeks ago
- Sleep Obfuscation ☆686 Updated 11 months ago
- ☆111 Updated last week
- Vulnerable driver research tool, result and exploit PoCs ☆181 Updated last year