EvilBytecode / Evil-Go
A malicous Golang Package
☆10Updated 2 months ago
Related projects: ⓘ
- Unhook Ntdll.dll, Go & C++.☆11Updated 2 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆15Updated last month
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆31Updated 10 months ago
- Parent Process ID Spoofing, coded in CGo.☆21Updated 2 months ago
- A simple rpc2socks alternative in pure Go.☆23Updated 2 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated 10 months ago
- ☆14Updated this week
- C# API for Nidhogg rootkit☆15Updated 4 months ago
- CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit☆34Updated last week
- DFSCoerce exe revisited version with custom authentication☆34Updated 8 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆20Updated this week
- ☆13Updated last month
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆10Updated 2 months ago
- Ransomware written in go, encrypt - decrypt.☆15Updated 2 months ago
- HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation☆13Updated 2 months ago
- PowerShell script to generate ShellCode in various formats☆22Updated 2 weeks ago
- Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform☆15Updated 5 months ago
- Exploit for CVE-2024-5009☆11Updated 2 months ago
- Go keylogger for Windows, logging keyboard input to a file using Windows API functions, and it is released under the Unlicense.☆19Updated 3 months ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆36Updated 8 months ago
- PDF Icon File Type Spoofer☆12Updated 2 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆29Updated 10 months ago
- A simple website to act as a store for havoc modules and extensions☆21Updated 4 months ago
- ☆14Updated 3 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆12Updated last month
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆41Updated last month
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- Tomcat backdoor based on CS blog☆25Updated last year
- Beacon Object Files used for Cobalt Strike☆17Updated last year
- ☆24Updated 10 months ago