Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.
☆192Aug 3, 2025Updated 7 months ago
Alternatives and similar repositories for vx
Users that are interested in vx are comparing it to the libraries listed below
Sorting:
- Windows System Programming Experiments☆222Jun 13, 2022Updated 3 years ago
- C Header Only Library for Virii☆11Nov 17, 2020Updated 5 years ago
- Collection of structures, prototype and examples for Microsoft Macro Assembler (MASM) x64.☆16Aug 18, 2020Updated 5 years ago
- Ransoblin (Ransomware Bokoblin)☆18Oct 4, 2020Updated 5 years ago
- Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers t…☆457Oct 25, 2021Updated 4 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Original C Implementation of the Hell's Gate VX Technique☆1,161Jun 28, 2021Updated 4 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆74Apr 11, 2022Updated 3 years ago
- Research code & papers from members of vx-underground.☆1,352Dec 7, 2021Updated 4 years ago
- ☆210Mar 22, 2021Updated 4 years ago
- A list of all the DLLs export in C:\windows\system32\☆221Dec 22, 2021Updated 4 years ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated last year
- Userland API Unhooker Project☆111Jun 14, 2021Updated 4 years ago
- miscellaneous scripts and programs☆277Jan 23, 2025Updated last year
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆684Mar 11, 2024Updated last year
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique☆337Jan 16, 2022Updated 4 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆555Dec 3, 2023Updated 2 years ago
- TartarusGate, Bypassing EDRs☆653Jan 25, 2022Updated 4 years ago
- Custom implementation of DbgHelp's MiniDumpWriteDump function. Uses static syscalls to replace low-level functions like NtReadVirtualMemo…☆127Jan 18, 2022Updated 4 years ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆227Jun 9, 2020Updated 5 years ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆291Mar 8, 2023Updated 2 years ago
- Windows Kernel Programming Experiments☆84Sep 18, 2022Updated 3 years ago
- A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.☆722Aug 5, 2020Updated 5 years ago
- ☆165Sep 18, 2021Updated 4 years ago
- Sleep Obfuscation☆817Dec 3, 2023Updated 2 years ago
- Three Tiny Examples of Directly Using Vista's NtCreateUserProcess☆89Nov 9, 2015Updated 10 years ago
- Corsair LL Access driver abuse☆24Apr 16, 2021Updated 4 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 3 years ago
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago
- ☆133Jul 14, 2021Updated 4 years ago
- Beacon Object File (BOF) for remote process injection via thread hijacking☆220Jan 13, 2021Updated 5 years ago
- Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions☆495Apr 1, 2021Updated 4 years ago
- Piece of code to detect and remove hooks in IAT☆65May 30, 2022Updated 3 years ago
- ☆72Feb 28, 2023Updated 3 years ago
- AV/EDR evasion via direct system calls.☆1,990Jan 1, 2023Updated 3 years ago
- NT AUTHORITY\SYSTEM☆43Jul 8, 2020Updated 5 years ago
- C/C++ source obfuscator for antivirus bypass☆1,063Mar 10, 2022Updated 3 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆580Mar 8, 2024Updated last year
- ☆84Aug 26, 2024Updated last year