PacktPublishing / Windows-APT-WarfareLinks
Windows APT Warfare, published by Packt
☆76Updated 2 years ago
Alternatives and similar repositories for Windows-APT-Warfare
Users that are interested in Windows-APT-Warfare are comparing it to the libraries listed below
Sorting:
- Finding secrets in kernel and user memory☆116Updated 2 years ago
- ☆121Updated last year
- ☆105Updated last year
- ☆113Updated 3 years ago
- It's pointy and it hurts!☆126Updated 3 years ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆106Updated last year
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆171Updated 2 years ago
- Bypass Malware Time Delays☆108Updated 3 years ago
- ☆80Updated last year
- Do some DLL SideLoading magic☆89Updated 2 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Updated 2 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆110Updated 10 months ago
- ☆107Updated 2 years ago
- ETW based POC to identify direct and indirect syscalls☆190Updated 2 years ago
- ☆150Updated 3 years ago
- ☆122Updated 4 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆133Updated 3 years ago
- Resources and articles I need to take a look at. Mostly about malware/exploit development and analysis.☆85Updated 3 years ago
- Red Team Operation's Defense Evasion Technique.☆56Updated last year
- ☆76Updated 3 years ago
- Deleting Shadow Copies In Pure C++☆117Updated 3 years ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- Compile shellcode into an exe file from Windows or Linux.☆70Updated 6 months ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆125Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep☆156Updated 4 years ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated 2 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆123Updated last year
- Identify and exploit leaked handles for local privilege escalation.☆111Updated 2 years ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆96Updated 2 years ago
- ☆84Updated 3 years ago