ThanniKudam / Malware-DevelopmentLinks
Just another repository for malware development
☆13Updated last year
Alternatives and similar repositories for Malware-Development
Users that are interested in Malware-Development are comparing it to the libraries listed below
Sorting:
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆72Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆101Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54Updated 8 months ago
- Windows Thread Pool Injection Havoc Implementation☆32Updated last year
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆63Updated 10 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61Updated 8 months ago
- Cortex EDR Ransomware protection Bypass☆25Updated last year
- Shellcode loader☆100Updated last year
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆66Updated 2 years ago
- Proxy function calls through the thread pool with ease☆31Updated 11 months ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆44Updated last year
- Windows User-Mode Shellcode Development Framework (WUMSDF)☆123Updated 2 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Updated last month
- lsassdump via RtlCreateProcessReflection and NanoDump☆84Updated last year
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆48Updated 3 months ago
- Impersonate Tokens using only NTAPI functions☆83Updated 10 months ago
- Threadless shellcode injection tool☆68Updated last year
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…☆41Updated 3 months ago
- Modern PIC implant for Windows (64 & 32 bit)☆105Updated 6 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Updated 3 weeks ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆88Updated last month
- Internal Monologue BOF☆79Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆79Updated 2 years ago
- Shellcode Loader Utilizing ETW Events☆67Updated 11 months ago
- Thats it! An Open-Source Windows UEFI Rootkit☆28Updated 6 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆73Updated 3 months ago
- Just another ntdll unhooking using Parun's Fart technique☆76Updated 2 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆28Updated last year