☆10Jul 1, 2023Updated 2 years ago
Alternatives and similar repositories for Malware-Development
Users that are interested in Malware-Development are comparing it to the libraries listed below
Sorting:
- Mimikatz embedded as classes☆28Oct 25, 2021Updated 4 years ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆41Jul 9, 2023Updated 2 years ago
- ☆19Aug 6, 2021Updated 4 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated last year
- Shellcode execution via x86 inline assembly based on MSVC syntax☆17Apr 26, 2023Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆15Apr 25, 2022Updated 3 years ago
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆28May 30, 2022Updated 3 years ago
- Umbrella will protect your shellcode from the rain.☆31Jun 4, 2025Updated 9 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- Multi-Arch docker image for boringtun☆12Aug 28, 2025Updated 6 months ago
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- ☆60Dec 15, 2023Updated 2 years ago
- Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.☆19Nov 11, 2025Updated 4 months ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Pseudo-shell for RCE scenarios: tunnels commands via /tmp sockets to a local daemon, keeps context, no bind or reverse shell needed.☆44Jun 12, 2025Updated 9 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- ☆126Sep 1, 2024Updated last year
- Methodoloy for pentesting web applications.☆10Aug 18, 2022Updated 3 years ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆139Apr 6, 2025Updated 11 months ago
- This is just some simple code (very basic) for messing about with eBPF☆12Jan 10, 2026Updated 2 months ago
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆32Aug 23, 2023Updated 2 years ago
- Windows x64 kernel mode rootkit process hollowing POC.☆190Jun 30, 2023Updated 2 years ago
- Stub for polymorphic code☆11Mar 18, 2023Updated 3 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- From C to binary shellcode converter.☆56Nov 11, 2025Updated 4 months ago
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- ☆12Aug 1, 2023Updated 2 years ago
- Map remote .NET assemblies to memory for further invocation.☆38Oct 22, 2021Updated 4 years ago
- ☆11Feb 12, 2023Updated 3 years ago
- Cargo subcommand to build a crate into shellcode☆27Aug 15, 2024Updated last year
- Explore and filter your GitHub starred repositories☆25Dec 5, 2023Updated 2 years ago
- Malware?☆77Oct 26, 2025Updated 4 months ago
- Go wrapper for in-memory DLL module loader, MemoryModule☆32Feb 13, 2018Updated 8 years ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆44Jun 23, 2022Updated 3 years ago