PacktPublishing / Windows-APT-WarfareLinks
Windows APT Warfare, published by Packt
☆71Updated 2 years ago
Alternatives and similar repositories for Windows-APT-Warfare
Users that are interested in Windows-APT-Warfare are comparing it to the libraries listed below
Sorting:
- ☆113Updated 3 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆99Updated last year
- ☆105Updated last year
- Experiment on reproducing Obfuscate & Sleep☆146Updated 4 years ago
- Deleting Shadow Copies In Pure C++☆114Updated 2 years ago
- It's pointy and it hurts!☆125Updated 2 years ago
- ☆74Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆123Updated 2 years ago
- ETW based POC to identify direct and indirect syscalls☆187Updated 2 years ago
- ☆78Updated last year
- 64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free☆62Updated 2 years ago
- ☆136Updated 2 years ago
- Windows GPU rootkit PoC by Team Jellyfish☆20Updated 10 years ago
- Do some DLL SideLoading magic☆85Updated last year
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 2 years ago
- ☆119Updated last year
- Piece of code to detect and remove hooks in IAT☆64Updated 3 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆51Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆130Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆54Updated last year
- A Poc on blocking Procmon from monitoring network events☆104Updated 2 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆73Updated 4 months ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆166Updated 2 years ago
- Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL☆65Updated 2 years ago
- Find DLLs with RWX section☆81Updated 2 years ago
- Bypass Malware Time Delays☆102Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆102Updated 2 years ago