TheMalwareGuardian / Bentico

Related projects ⓘ

Alternatives and complementary repositories for Bentico

• hid3rx / GhostWriting
  ☆22Updated last year
• therealdreg / Win.Cerdalux
  WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs
  ☆16Updated last year
• OrShazam / ChainEngine
  automates exploits using ROP chains, using ntdll-scraper
  ☆16Updated 2 years ago
• jsacco / PPL_Bypass
  ☆12Updated 2 years ago
• Kharos102 / ReadWriteDriverSample
  ☆21Updated 6 months ago
• Flawww / NtSyscaller
  Manually perform syscalls without going through any external API or DLL.
  ☆17Updated last year
• benheise / bootkit
  UEFI bootkit: Hardware Implant. In-Progress
  ☆11Updated 2 years ago
• varwara / CVE-2024-21338
  PoC for the Untrusted Pointer Dereference in the appid.sys driver
  ☆13Updated 6 months ago
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆24Updated 5 months ago
• Idov31 / UdpInspector
  Listing UDP connections with remote address without sniffing.
  ☆30Updated last year
• TheMalwareGuardian / Abismo
  UEFI Windows Bootkit
  ☆25Updated 4 months ago
• oXis / DoublePulsarPayload
  C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.
  ☆29Updated 3 years ago
• SamuelTulach / SecureGame
  Proof-of-concept game using VBS enclaves to protect itself from cheating
  ☆19Updated last week
• emlinhax / DbgViewEx
  combine the power of procmon and dbgview into one single application
  ☆7Updated 9 months ago
• ch3rn0byl / WinDbg-Extensions
  ☆17Updated 3 years ago
• roadwy / SIGNATURE_TYPE_LUASTANDALONE
  Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm
  ☆12Updated 4 months ago
• rbmm / RtlClone
  ☆27Updated 4 months ago
• bluefrostsecurity / Windows-Drive-Remapping-EoP
  ☆27Updated last year
• benheise / ANGRYORCHARD
  A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
  ☆28Updated 2 years ago
• 0vercl0k / inject
  Yet another Windows DLL injector.
  ☆38Updated 3 years ago
• Midi12 / whse
  WinHvShellcodeEmulator (WHSE) is a shellcode emulator leveraging the Windows Hypervisor Platform API
  ☆19Updated 2 years ago
• cocomelonc / 2022-01-14-malware-injection-13
  Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example
  ☆16Updated 2 years ago
• WHots / RosaryAV
  Lightweight Threat Detection System - (Base)
  ☆14Updated 7 months ago
• SaadAhla / BlockNonMSModules
  Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules
  ☆42Updated last year
• 1027565 / InstrumentationCallbacks
  A native Windows library for intercepting kernel-to-user transitions using instrumentation callbacks
  ☆16Updated 9 months ago
• yo-yo-yo-jbo / anti_debugging_intro
  ☆22Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆31Updated 3 years ago
• 0x44F / WinKit
  💻 Windows 10 Kernel-mode rootkit
  ☆31Updated 2 years ago
• therealdreg / windbgtocstruct
  Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…
  ☆26Updated last year
• 0mWindyBug / WFPCalloutReserach
  research revolving the windows filtering platform callout mechanism
  ☆22Updated 5 months ago