MalwareApiLib / MalwareApiLibraryLinks
collection of apis used in malware development
☆224Updated 3 years ago
Alternatives and similar repositories for MalwareApiLibrary
Users that are interested in MalwareApiLibrary are comparing it to the libraries listed below
Sorting:
- ☆133Updated 2 years ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆380Updated last year
- Performing Indirect Clean Syscalls☆572Updated 2 years ago
- Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.☆250Updated 9 months ago
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆232Updated 7 months ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆652Updated 2 years ago
- Payload Loader With Evasion Features☆318Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆526Updated 3 years ago
- ☆359Updated last year
- Leaked Windows processes handles identification tool☆288Updated 3 years ago
- Conti Locker source code☆194Updated 3 years ago
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆483Updated last year
- A technique of hiding malicious shellcode via Shannon encoding.☆255Updated 2 years ago
- A Payload Loader Designed With Advanced Evasion Features☆508Updated 2 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆333Updated last year
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆251Updated 2 years ago
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆310Updated 11 months ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆366Updated 3 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆299Updated 2 years ago
- Various ways to execute shellcode☆494Updated last year
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆595Updated last year
- Source code of exploiting windows API for red teaming series☆151Updated 2 years ago
- ☆489Updated 2 years ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆216Updated 2 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆192Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆350Updated 5 months ago
- Manipulating and Abusing Windows Access Tokens.☆278Updated 4 years ago
- Beacon Object File Loader☆287Updated last year
- Native Syscalls Shellcode Injector☆267Updated 2 years ago
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆452Updated 2 years ago