ZeroMemoryEx / APT38-0day-StealerLinks
APT38 Tactic PoC for Stealing 0days from security researchers
☆316Updated 2 months ago
Alternatives and similar repositories for APT38-0day-Stealer
Users that are interested in APT38-0day-Stealer are comparing it to the libraries listed below
Sorting:
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆382Updated last year
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆400Updated 2 years ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆288Updated last year
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆423Updated 2 years ago
- Performing Indirect Clean Syscalls☆574Updated 2 years ago
- Awesome AV/EDR/XDR Bypass Tips☆280Updated 2 years ago
- ☆331Updated 2 years ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆425Updated last year
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆230Updated 10 months ago
- Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.☆254Updated 10 months ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆390Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆567Updated last year
- Bypass Malware Sandbox Evasion Ram check☆138Updated 2 years ago
- CaveCarver - PE backdooring tool which utilizes and automates code cave technique☆228Updated 2 years ago
- elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative☆372Updated last year
- Unorthodox and stealthy way to inject a DLL into the explorer using icons☆325Updated 3 months ago
- My collection of malware dev links☆283Updated 2 months ago
- Reflective DLL Injection Made Bella☆234Updated 7 months ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆386Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆713Updated 2 weeks ago
- 「🛡️」AVs/EDRs Evasion tool☆104Updated 8 months ago
- A QoL tool to obfuscate shellcode. In the future will be able to chain encoding/encryption/compression methods.☆206Updated 2 years ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆557Updated 3 weeks ago
- Remote Shellcode Injector☆219Updated 2 years ago
- shellcode loader for your evasion needs☆338Updated 3 months ago
- ☆363Updated last year
- (0day) Local Privilege Escalation in IObit Malware Fighter☆148Updated 4 months ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆328Updated last year
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆284Updated 4 months ago
- ☆260Updated last year