EvilBytecode / GoEvilDocs
Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.
☆11Updated 9 months ago
Alternatives and similar repositories for GoEvilDocs:
Users that are interested in GoEvilDocs are comparing it to the libraries listed below
- Ransomware written in go, encrypt - decrypt.☆18Updated 8 months ago
- Parent Process ID Spoofing, coded in CGo.☆22Updated 9 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆19Updated 8 months ago
- ☆13Updated last month
- A malicous Golang Package☆14Updated 9 months ago
- Unhook Ntdll.dll, Go & C++.☆21Updated 8 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆20Updated last month
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 6 months ago
- A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.☆12Updated 9 months ago
- Just another Process Injection using Process Hollowing technique.☆16Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆11Updated 7 months ago
- Payload Dropper with Persistance & Privesc & UAC bypass 🐱👤☆13Updated 11 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆15Updated 4 months ago
- Near compile-time string obfuscation for Golang☆13Updated last year
- LSTAR - CobaltStrike Translated to EN☆13Updated last year
- A pure C version of SymProcAddress☆26Updated last year
- Unix Process hollowing in rust☆21Updated 3 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆68Updated last year
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated last year
- A simple website to act as a store for havoc modules and extensions☆25Updated 2 months ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- Cobalt Strike notifications via NTFY.☆13Updated 6 months ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- Golang Implementation of Hell's gate☆17Updated last year
- Deobfuscation of XorStringsNet☆12Updated 4 months ago
- It was a great run, but everything must come to an end. Please don’t contact me. Before I go, here’s a final gift :)☆16Updated this week
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆44Updated last year
- Lifetime AMSI bypass.☆35Updated 9 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆19Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆41Updated 7 months ago