EvilBytecode / GoEvilDocs
Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.
☆10Updated 2 months ago
Related projects: ⓘ
- Ransomware written in go, encrypt - decrypt.☆15Updated 2 months ago
- Parent Process ID Spoofing, coded in CGo.☆21Updated 2 months ago
- Unhook Ntdll.dll, Go & C++.☆11Updated 2 months ago
- A malicous Golang Package☆10Updated 2 months ago
- Go ransomware utilising ChaCha20 and ECIES encryption.☆52Updated last month
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆15Updated last month
- Go keylogger for Windows, logging keyboard input to a file using Windows API functions, and it is released under the Unlicense.☆19Updated 3 months ago
- PowerShell script to generate ShellCode in various formats☆22Updated 2 weeks ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆20Updated this week
- A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.☆12Updated 2 months ago
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆31Updated 10 months ago
- Just another Process Injection using Process Hollowing technique.☆16Updated last year
- This repository contains a tool that can encrypt all type of files and give the encrypted output in the form of an encrypted shellcode. P…☆14Updated 2 years ago
- ECC Public Key Cryptography☆33Updated 10 months ago
- ☆24Updated 10 months ago
- Golang Implementation of Hell's gate☆15Updated last year
- A simple rpc2socks alternative in pure Go.☆23Updated 2 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆30Updated 10 months ago
- A simple website to act as a store for havoc modules and extensions☆21Updated 4 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆12Updated last month
- powershell script i wrote that can suspend an arbitrary process (with limits)☆19Updated last year
- exfiltration/infiltration toolkit☆23Updated 9 months ago
- A malicious keyboard that delivers a multi-staged attack, consisting of a polymorphous trojan payload which can bypass antivirus engines,…☆10Updated last year
- RCE PoC for Empire C2 framework <5.9.3☆25Updated 6 months ago
- Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current pr…☆18Updated 7 months ago
- DFSCoerce exe revisited version with custom authentication☆34Updated 8 months ago
- Cobalt Strike BOFS☆16Updated 9 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆64Updated 10 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆45Updated 2 months ago
- ☆11Updated 9 months ago