a0rtega / metame

Related projects ⓘ

Alternatives and complementary repositories for metame

• hasherezade / demos
  Demos of various injection techniques found in malware
  ☆792Updated 2 years ago
• JLospinoso / gargoyle
  A memory scanning evasion technique
  ☆836Updated 7 years ago
• BreakingMalware / PowerLoaderEx
  PowerLoaderEx - Advanced Code Injection Technique for x32 / x64
  ☆359Updated 7 years ago
• kgretzky / python-x86-obfuscator
  This is a **WIP** tool that performs shellcode obfuscation in x86 instruction set.
  ☆228Updated 8 years ago
• jackullrich / ShellcodeStdio
  An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
  ☆494Updated 5 years ago
• hasherezade / process_doppelganging
  My implementation of enSilo's Process Doppelganging (PE injection technique)
  ☆580Updated 2 years ago
• peperunas / injectopi
  A set of tutorials about code injection for Windows.
  ☆305Updated 2 months ago
• therealdreg / anticuckoo
  A tool to detect and crash Cuckoo Sandbox
  ☆288Updated 3 months ago
• theevilbit / injection
  ☆798Updated 4 years ago
• Antonin-Deniau / cave_miner
  Search for code cave in all binaries
  ☆276Updated 4 months ago
• claudiouzelac / rootkit.com
  Mirror of users section of rootkit.com
  ☆289Updated 8 years ago
• secrary / makin
  makin - reveal anti-debugging and anti-VM tricks [This project is not maintained anymore]
  ☆732Updated 5 years ago
• nccgroup / DriverBuddy
  DriverBuddy is an IDA Python script to assist with the reverse engineering of Windows kernel drivers.
  ☆352Updated 4 years ago
• Cr4sh / WindowsRegistryRootkit
  Kernel rootkit, that lives inside the Windows registry values data
  ☆488Updated 7 years ago
• Professor-plum / Reflective-Driver-Loader
  ☆393Updated 7 years ago
• hryuk / Carberp
  ☆518Updated 6 years ago
• sam-b / windows_kernel_address_leaks
  Examples of leaking Kernel Mode information from User Mode on Windows
  ☆581Updated 7 years ago
• hasherezade / bearparser
  Portable Executable parsing library (from PE-bear)
  ☆648Updated 2 months ago
• BromiumLabs / PackerAttacker
  C++ application that uses memory and code hooks to detect packers
  ☆268Updated 6 years ago
• sam-b / windows_kernel_resources
  Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits
  ☆360Updated 4 years ago
• reyammer / shellnoob
  A shellcode writing toolkit
  ☆660Updated 2 years ago
• NytroRST / ShellcodeCompiler
  Shellcode Compiler
  ☆1,065Updated 2 months ago
• SafeBreach-Labs / pinjectra
  Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
  ☆792Updated 2 years ago
• d35ha / CallObfuscator
  Obfuscate specific windows apis with different apis
  ☆982Updated 3 years ago
• secrary / InjectProc
  InjectProc - Process Injection Techniques [This project is not maintained anymore]
  ☆994Updated 5 years ago
• peterferrie / win-exec-calc-shellcode
  A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)
  ☆389Updated 6 months ago
• hugsy / CFB
  Canadian Furious Beaver is a ProcMon-style tool designed only for capturing IRPs sent to any Windows driver.
  ☆310Updated 7 months ago
• secrary / InfectPE
  InfectPE - Inject custom code into PE file [This project is not maintained anymore]
  ☆321Updated 7 years ago
• conix-security / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆355Updated 9 years ago