Maldev-Academy / DRMBinViaOrdinalImports
Create Anti-Copy DRM Malware
☆46Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for DRMBinViaOrdinalImports
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆95Updated last year
- ApexLdr is a DLL Payload Loader written in C☆105Updated 4 months ago
- ☆118Updated last year
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- Construct the payload at runtime using an array of offsets☆58Updated 5 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- ☆73Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆145Updated 11 months ago
- ☆117Updated 2 months ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆75Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆108Updated last month
- TypeLib persistence technique☆73Updated 3 weeks ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆73Updated last month
- Find DLLs with RWX section☆75Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated 8 months ago
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- Do some DLL SideLoading magic☆75Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆88Updated 9 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆113Updated last year
- Stealthily inject shellcode into an executable☆55Updated last month
- ☆96Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆54Updated 3 months ago
- ☆79Updated 6 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader☆85Updated 8 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆73Updated last month
- Simple BOF to read the protection level of a process☆104Updated last year
- ☆103Updated 6 months ago