EvilBytecode / PS2BAT
A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.
☆12Updated 8 months ago
Alternatives and similar repositories for PS2BAT:
Users that are interested in PS2BAT are comparing it to the libraries listed below
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆11Updated 8 months ago
- Ransomware written in go, encrypt - decrypt.☆16Updated 8 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆18Updated 7 months ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆10Updated 6 months ago
- Parent Process ID Spoofing, coded in CGo.☆22Updated 8 months ago
- Near compile-time string obfuscation for Golang☆13Updated last year
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆18Updated 3 weeks ago
- Golang Implementation of Hell's gate☆17Updated last year
- An example of Windows self-replicating malware.☆10Updated 2 years ago
- Unhook Ntdll.dll, Go & C++.☆19Updated 7 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆30Updated 8 months ago
- A utility that can be used to launch an executable with a DLL injected☆18Updated last year
- A simple PE loader.☆26Updated 2 years ago
- PS-MOTW: PowerShell scripts to set / show / remove MOTW (Mark of the Web)☆34Updated last year
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65Updated last year
- A malicous Golang Package☆13Updated 8 months ago
- run process as PPL Antimalware☆10Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated last year
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆19Updated 4 years ago
- ☆21Updated 4 months ago
- Examples how to use a Assm (Assembly) in a go.☆16Updated 8 months ago
- Research of modifying exported function names at runtime (C/C++, Windows)☆17Updated 9 months ago
- Tool that can be used to trim useless things from a PE file such as the things a file pumper would add.☆25Updated 7 months ago
- A simple Linux in-memory .so loader☆29Updated last year
- This repository contains a tool that can encrypt all type of files and give the encrypted output in the form of an encrypted shellcode. P…☆15Updated 3 years ago
- Loading and executing shellcode in C# without PInvoke.☆20Updated 3 years ago
- 💻 Windows 10 Kernel-mode rootkit☆31Updated 2 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆12Updated 2 years ago
- A mechanism that trampoline hooks functions in x86/x64 systems.☆22Updated 4 months ago