All my POC related to malware development
☆15Feb 19, 2026Updated 2 months ago
Alternatives and similar repositories for MalDevelopment
Users that are interested in MalDevelopment are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- the bear is an infostealer (grabber) malware written in C and assembly with the focus on evading detection.☆16Sep 8, 2024Updated last year
- ☆19Dec 12, 2023Updated 2 years ago
- ☆17Oct 26, 2021Updated 4 years ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service☆35Feb 2, 2026Updated 2 months ago
- Collection of red team techniques.☆70Apr 25, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 10 months ago
- CVE-2025-5777 (CitrixBleed 2) - Critical memory leak vulnerability affecting Citrix NetScaler ADC and Gateway devices☆46Jul 8, 2025Updated 9 months ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 7 months ago
- Web shell as Portlet (useful for Websphere Portal, JBoss Portal, etc.)☆12Aug 27, 2016Updated 9 years ago
- CTFs On Demand☆13Mar 23, 2025Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability☆17Oct 25, 2024Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Driver Reverse & Exploitation☆82Sep 4, 2025Updated 7 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- AV/EDR companies netblocks☆18Nov 9, 2021Updated 4 years ago
- Test bench lab for Shellcode Obfuscation☆36Sep 2, 2025Updated 7 months ago
- EDR/AV Simulation for Malware Development☆13Oct 21, 2023Updated 2 years ago
- A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.☆20Jul 17, 2024Updated last year
- I have documented all of the AMSI patches that I learned till now☆73Nov 4, 2025Updated 5 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆47Jul 29, 2024Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆187Aug 2, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Exploring different process injection techniques based on malware analysis☆14Dec 28, 2023Updated 2 years ago
- A rework of CMLuaUtil AutoElevated☆30Nov 6, 2022Updated 3 years ago
- Symantec EDR Internals☆30Oct 12, 2021Updated 4 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆24Feb 17, 2024Updated 2 years ago
- Winsocket for Cobalt Strike.☆105Jul 6, 2023Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42May 18, 2024Updated last year
- A C# implementation of dumping credentials from Windows Credential Manager☆62Sep 23, 2023Updated 2 years ago
- Process injection via native Windows APIs (NTAPIs)☆15Jan 16, 2024Updated 2 years ago
- Collection of different rootkit functionality, each driver representing a different rootkit component☆14May 27, 2025Updated 11 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Github profile☆21Feb 2, 2026Updated 2 months ago
- A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.☆90Nov 9, 2023Updated 2 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆114Oct 11, 2023Updated 2 years ago
- ☆20Jul 23, 2023Updated 2 years ago
- Powerful Rat/Botnet written C/C++ and Rust works on Windows, Linux and Mac OS, Android and IOT Devices Central / P2P Architecture. (Proje…☆11Apr 8, 2026Updated 3 weeks ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr…☆63Feb 11, 2024Updated 2 years ago
- Silent file loader☆14Apr 24, 2022Updated 4 years ago