Fadi002 / MalwareInvestigationLinks
reverse engineering random malwares
☆25Updated 6 months ago
Alternatives and similar repositories for MalwareInvestigation
Users that are interested in MalwareInvestigation are comparing it to the libraries listed below
Sorting:
- C# API for Nidhogg rootkit☆19Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆71Updated last year
- A simple commandline application to automatically decrypt strings from Obfuscator protected binaries☆46Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- Ransomware written in go, encrypt - decrypt.☆26Updated 4 months ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Updated 2 years ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Updated last year
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆42Updated 3 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆33Updated last year
- Standalone Metasploit-like XOR encoder for shellcode☆48Updated last year
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65Updated 2 years ago
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆15Updated 6 months ago
- ☆29Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆40Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 6 months ago
- A C# implementation that disables Windows Firewall bypassing UAC☆15Updated 10 months ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42Updated last year
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆66Updated 2 years ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆12Updated 4 months ago
- Windows AppLocker Driver (appid.sys) LPE☆63Updated last year
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆22Updated 4 months ago
- BYOVD Technique Example using viragt64 driver☆49Updated last year
- Change hash for a signed pe☆16Updated 2 years ago
- Early cascade injection PoC based on Outflanks blog post written in Rust☆54Updated 6 months ago
- ☆57Updated 10 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆20Updated 6 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Reports on Driver, LSASS and other security services mitigations☆31Updated last week
- Section-based payload obfuscation technique for x64☆64Updated last year