☆10Jul 1, 2023Updated 2 years ago
Alternatives and similar repositories for Malware-Development
Users that are interested in Malware-Development are comparing it to the libraries listed below
Sorting:
- Mimikatz embedded as classes☆28Oct 25, 2021Updated 4 years ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆41Jul 9, 2023Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆15Apr 25, 2022Updated 3 years ago
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- ☆19Aug 6, 2021Updated 4 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated last year
- Umbrella will protect your shellcode from the rain.☆31Jun 4, 2025Updated 8 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- Pseudo-shell for RCE scenarios: tunnels commands via /tmp sockets to a local daemon, keeps context, no bind or reverse shell needed.☆43Jun 12, 2025Updated 8 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- Explore and filter your GitHub starred repositories☆25Dec 5, 2023Updated 2 years ago
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated last year
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆137Apr 6, 2025Updated 10 months ago
- Cargo subcommand to build a crate into shellcode☆27Aug 15, 2024Updated last year
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆32Aug 23, 2023Updated 2 years ago
- ☆60Dec 15, 2023Updated 2 years ago
- ☆126Sep 1, 2024Updated last year
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆28May 30, 2022Updated 3 years ago
- From C to binary shellcode converter.☆55Nov 11, 2025Updated 3 months ago
- Malware?☆77Oct 26, 2025Updated 4 months ago
- A powerful hardware ID spoofing tool designed to modify system identifiers for privacy and security purposes. Change MAC addresses, HWID,…☆21Nov 26, 2025Updated 3 months ago
- Go wrapper for in-memory DLL module loader, MemoryModule☆32Feb 13, 2018Updated 8 years ago
- ☆36Oct 26, 2023Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated last year
- Map remote .NET assemblies to memory for further invocation.☆39Oct 22, 2021Updated 4 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- ☆108Aug 21, 2024Updated last year
- My stuff regarding Copilot for Security☆12Jan 12, 2026Updated last month
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- Palo Alto Networks AI Runtime Security Model Context Protocol (MCP) Relay Server☆31Jan 27, 2026Updated last month
- Microsoft-Defender-for-IoT☆14May 26, 2025Updated 9 months ago
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago