K2 / ADMMutate
Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I…
☆81Updated 11 months ago
Related projects: ⓘ
- Example code from "Programming Linux Anti-Reversing Techniques"☆96Updated 7 years ago
- kernel exploitation helper class☆75Updated 7 years ago
- Set of my small utils related to cryptography, encoding, decoding etc☆82Updated 6 months ago
- A gadget finder and a ROP-Chainer tool for x86 platforms☆91Updated 3 years ago
- ☆112Updated 8 years ago
- Another Repo of Malware. Enjoy. <3☆60Updated 5 years ago
- Passive UAC elevation using dll infection☆70Updated 9 years ago
- KINS Banking Trojan☆61Updated 9 years ago
- Supporting Files on my analysis of the malware designated hdroot.☆59Updated 7 years ago
- Reflective SO injection is a library injection technique in which the concept of reflective programming is employed to perform the loadin…☆113Updated 8 years ago
- Python script to inject and run shellcodes through TLS callbacks☆50Updated 9 years ago
- Security Research and Development Framework☆103Updated 8 years ago
- ViDi Visual Disassembler (experimental)☆75Updated last year
- Reflective Polymorphism☆104Updated 6 years ago
- simple shellcode generator☆111Updated 7 years ago
- JynxKit is an LD_PRELOAD userland rootkit for Linux systems with reverse connection SSL backdoor☆56Updated 11 years ago
- ☆119Updated this week
- Anti-technique Codes, Detection of Anti-technique codes☆36Updated 10 years ago
- Cminer is a tool for enumerating the code caves in PE files.☆139Updated last year
- A process overwriting its own PEB to make an illusion that it has been loaded from a different path.☆91Updated 3 years ago
- C++-based shellcode builder☆110Updated 3 years ago
- Randomly changes Win32/64 PE Files for 'safer' uploading to malware and sandbox sites.☆129Updated 10 years ago
- Collection of VC++ example applications to demonstrate Win10 userland heap behavior (BEA & FEA)☆84Updated 8 years ago
- A Python tool to generate ROP chains☆60Updated 6 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆158Updated 7 years ago
- heaper, an advanced heap analysis plugin for Immunity Debugger☆96Updated 11 years ago
- Kernel Address Space Layout Randomization (KASLR) Recovery Software☆96Updated 7 years ago
- Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis☆83Updated 2 years ago
- ☆21Updated this week