accidentalrebel / shcode2exe
Compile shellcode into an exe file from Windows or Linux.
☆58 · Updated 3 years ago
Related projects
Alternatives and complementary repositories for shcode2exe
- Standalone Metasploit-like XOR encoder for shellcode ☆45 · Updated 5 months ago
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like ☆32 · Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep ☆138 · Updated 3 years ago
- Bypass Malware Time Delays ☆97 · Updated 2 years ago
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. ☆113 · Updated last year
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆109 · Updated 3 months ago
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code ☆39 · Updated last month
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/ ☆35 · Updated 3 years ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm… ☆99 · Updated last year
- A Bumblebee-inspired Crypter ☆80 · Updated last year
- Small PoC of using a Microsoft signed executable as a lolbin. ☆132 · Updated last year
- Piece of code to detect and remove hooks in IAT ☆58 · Updated 2 years ago
- Batch script to compile a binary shellcode blob into an exe file ☆80 · Updated 5 years ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware ☆25 · Updated 5 years ago
- Evasive Process Hollowing Techniques ☆134 · Updated 4 years ago
- ZwProcessHollowing is an x64 process hollowing project which uses direct system calls, DLL unhooking and RC4 payload decryption ☆77 · Updated last year
- Small visualizer for PE files ☆67 · Updated last year
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot ☆59 · Updated last year
- Files for http://blog.deniable.org/posts/windows-callbacks/ ☆67 · Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users ☆42 · Updated 2 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆92 · Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process ☆85 · Updated 2 years ago
- Detect strange memory regions and DLLs ☆168 · Updated 2 years ago
- Overwrite a process's recovery callback and execute with WER ☆102 · Updated 2 years ago
- A PoC on blocking Procmon from monitoring network events ☆97 · Updated 2 years ago