MalwareApiLib / MalwareApiLibraryLinks
collection of apis used in malware development
☆224Updated 2 years ago
Alternatives and similar repositories for MalwareApiLibrary
Users that are interested in MalwareApiLibrary are comparing it to the libraries listed below
Sorting:
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆378Updated 10 months ago
- Performing Indirect Clean Syscalls☆550Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆521Updated 2 years ago
- A Payload Loader Designed With Advanced Evasion Features☆512Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆637Updated 2 years ago
- JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.☆308Updated 9 months ago
- Various ways to execute shellcode☆491Updated last year
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆476Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆296Updated last year
- KaynLdr is a Reflective Loader written in C/ASM☆540Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆342Updated 3 months ago
- ☆482Updated 2 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆330Updated 10 months ago
- This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…☆247Updated 2 years ago
- A technique of hiding malicious shellcode via Shannon encoding.☆255Updated 2 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆365Updated 3 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆465Updated 3 years ago
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆229Updated 5 months ago
- ☆132Updated last year
- Payload Loader With Evasion Features☆318Updated 2 years ago
- ☆354Updated last year
- WTSRM☆211Updated 2 years ago
- Aims to identify sleeping beacons☆596Updated 5 months ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆457Updated 3 years ago
- Lifetime AMSI bypass☆627Updated last year
- PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.☆588Updated last year
- miscellaneous scripts and programs☆243Updated 4 months ago
- Tools and PoCs for Windows syscall investigation.☆361Updated 5 months ago
- Beacon Object File Loader☆287Updated last year
- Source code of exploiting windows API for red teaming series☆148Updated 2 years ago