Windows PE Signature Thief in C++
☆51Aug 21, 2020Updated 5 years ago
Alternatives and similar repositories for SignThief
Users that are interested in SignThief are comparing it to the libraries listed below
Sorting:
- Process doppelganging POC using direct system calls, PPID spoofing and dropbox as an external delivery channel for the payload.☆16Jan 7, 2021Updated 5 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- .net based packer/obfuscator with apc based pe injection☆15Mar 23, 2016Updated 9 years ago
- Downloads, decode, decrypt and executes a VBScript using cmd and mshta☆19Jun 26, 2020Updated 5 years ago
- RunPE using Hell's Gate technique.☆32Dec 4, 2020Updated 5 years ago
- A Control Panel Applet dropper project. It has a high success rate on engagements since nobody cares about .CPL files and you can just do…☆53May 31, 2018Updated 7 years ago
- This repository contains my sample projects in C# for Windows Desktop and Windows Phone.☆17Dec 3, 2023Updated 2 years ago
- Windows Application Loader Running *.Exe files in Memory against Scrylla☆21Dec 20, 2019Updated 6 years ago
- Simple remote administration tool. Written in c++ and MASM.☆18May 16, 2018Updated 7 years ago
- ☆37May 9, 2019Updated 6 years ago
- A C# DLL Wrapper Generator☆11Feb 23, 2022Updated 4 years ago
- The evolution of NxRansomware☆11Jun 14, 2019Updated 6 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- A tool to show the method info at runtime☆13Aug 12, 2019Updated 6 years ago
- Injection of MSIL using Cecil☆12Jul 28, 2015Updated 10 years ago
- [Not Another DLL Injector] - a simple, all purpose DLL injector for x64 and x86☆12Jul 4, 2019Updated 6 years ago
- Proof of Concept of the steganographic algorithms implemented by APT 29 (Hammertos)☆10Nov 26, 2018Updated 7 years ago
- ☆13Feb 25, 2023Updated 3 years ago
- Copy xRAT repository☆23May 15, 2018Updated 7 years ago
- Win32 PE Anti-RE and Anti-debugging Framework☆13May 14, 2019Updated 6 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 6 years ago
- load mixed assemblies (.NET) C# source code☆14Sep 3, 2017Updated 8 years ago
- Application features: Sets visibility of its own executeable file to hidden --> Adds itself to the registry of run-on-startup application…☆11Jan 30, 2019Updated 7 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- Modern C++ wrapper for Windows PE signature verification mechanism☆30Aug 9, 2019Updated 6 years ago
- Added working RDP☆12Jan 17, 2017Updated 9 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- P2C Loader based on blackbone, used by isolation.top and others.☆13Jan 2, 2018Updated 8 years ago
- Modify data structures in the Windows kernel, hiding processes by PID☆16Oct 29, 2017Updated 8 years ago
- simple PE packer written in C++☆56Feb 23, 2018Updated 8 years ago
- DInvisibleRegistry☆82Nov 20, 2020Updated 5 years ago
- C++ Host .NET CLR & Run a assembly directly from ressource (RT_RCDATA) without extraction disk.☆15Mar 18, 2023Updated 2 years ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging☆15Sep 21, 2019Updated 6 years ago
- PInvoke at runtime for .NET☆17Sep 13, 2018Updated 7 years ago
- The driver STL library used by myself☆13Oct 19, 2022Updated 3 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆30Jul 12, 2021Updated 4 years ago
- Windows GUI/Execution Engine for Atomic Red Team Atomics☆36May 20, 2020Updated 5 years ago
- Rasta's mouse AMSI patch but with function that makes it undetectable.☆14Apr 21, 2021Updated 4 years ago