All my POC related to malware development
☆15 · Feb 19, 2026 · Updated 3 months ago
Alternatives and similar repositories for MalDevelopment
Users that are interested in MalDevelopment are comparing it to the libraries listed below.
- the bear is an infostealer (grabber) malware written in C and assembly with the focus on evading detection. ☆17 · Sep 8, 2024 · Updated last year
- ☆19 · Dec 12, 2023 · Updated 2 years ago
- ☆17 · Oct 26, 2021 · Updated 4 years ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service ☆35 · Feb 2, 2026 · Updated 4 months ago
- Collection of red team techniques. ☆70 · Apr 25, 2025 · Updated last year
- Just a git repo for the sleepmask detection rule I found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-… ☆16 · Jun 4, 2025 · Updated last year
- CVE-2025-5777 (CitrixBleed 2) - Critical memory leak vulnerability affecting Citrix NetScaler ADC and Gateway devices ☆47 · Jul 8, 2025 · Updated 11 months ago
- Cyber Threats Detection Rules ☆14 · Sep 16, 2025 · Updated 8 months ago
- Web shell as Portlet (useful for Websphere Portal, JBoss Portal, etc.) ☆12 · Aug 27, 2016 · Updated 9 years ago
- CTFs On Demand ☆13 · Mar 23, 2025 · Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall, API Hashing, Fileless Shellcode retrieving using Winsock2 ☆13 · Jul 15, 2023 · Updated 2 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability ☆17 · Oct 25, 2024 · Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission… ☆18 · Oct 31, 2024 · Updated last year
- Driver Reverse & Exploitation ☆82 · Sep 4, 2025 · Updated 9 months ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy. ☆42 · Oct 30, 2022 · Updated 3 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle… ☆15 · Jan 7, 2023 · Updated 3 years ago
- AV/EDR companies netblocks ☆18 · Nov 9, 2021 · Updated 4 years ago
- I have documented all of the AMSI patches that I learned till now ☆73 · Nov 4, 2025 · Updated 7 months ago
- EDR/AV Simulation for Malware Development ☆13 · Oct 21, 2023 · Updated 2 years ago
- Test bench lab for Shellcode Obfuscation ☆37 · Sep 2, 2025 · Updated 9 months ago
- A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic. ☆20 · Jul 17, 2024 · Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆47 · Jul 29, 2024 · Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in C that loads a module into the target process and stomps it, an… ☆188 · Aug 2, 2023 · Updated 2 years ago
- Exploring different process injection techniques based on malware analysis ☆14 · Dec 28, 2023 · Updated 2 years ago
- A rework of CMLuaUtil AutoElevated ☆30 · Nov 6, 2022 · Updated 3 years ago
- Symantec EDR Internals ☆31 · Oct 12, 2021 · Updated 4 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings ☆24 · Feb 17, 2024 · Updated 2 years ago
- Winsocket for Cobalt Strike. ☆105 · Jul 6, 2023 · Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu… ☆42 · May 18, 2024 · Updated 2 years ago
- A C# implementation of dumping credentials from Windows Credential Manager ☆63 · Sep 23, 2023 · Updated 2 years ago
- Process injection via native Windows APIs (NTAPIs) ☆15 · Jan 16, 2024 · Updated 2 years ago
- Collection of different rootkit functionality, each driver representing a different rootkit component ☆14 · May 27, 2025 · Updated last year
- GitHub profile ☆22 · Feb 2, 2026 · Updated 4 months ago
- A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems. ☆90 · Nov 9, 2023 · Updated 2 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation. ☆114 · Oct 11, 2023 · Updated 2 years ago
- ☆20 · Jul 23, 2023 · Updated 2 years ago
- This script is used to unload PsSetCreateProcessNotifyRoutineEx, PsSetCreateProcessNotifyRoutine, PsSetLoadImageNotifyRoutine and PsSetCr… ☆63 · Feb 11, 2024 · Updated 2 years ago
- Only for educational purposes ☆11 · Jun 17, 2023 · Updated 2 years ago
- Silent file loader ☆14 · Apr 24, 2022 · Updated 4 years ago