am0nsec / wspeLinks
Windows System Programming Experiments
☆220Updated 3 years ago
Alternatives and similar repositories for wspe
Users that are interested in wspe are comparing it to the libraries listed below
Sorting:
- A helper utility for creating shellcodes. Cleans MASM file generated by MSVC, gives refactoring hints.☆180Updated 3 months ago
- NINA: No Injection, No Allocation x64 Process Injection Technique☆226Updated 5 years ago
- ☆135Updated 4 months ago
- Virus Exchange (VX) - Collection of malware or assembly code used for "offensive" purposed.☆187Updated this week
- Kernel Exploits☆257Updated 4 years ago
- Extract Windows Defender database from vdm files and unpack it☆448Updated last month
- A more stealthy variant of "DLL hollowing"☆353Updated last year
- A simple implant showcasing modern C++☆108Updated 4 years ago
- Source code of exploiting windows API for red teaming series☆151Updated 2 years ago
- Windows user-land hooks manipulation tool.☆145Updated 4 years ago
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆335Updated 3 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆120Updated 5 years ago
- Evasive Process Hollowing Techniques☆141Updated 4 years ago
- ☆96Updated 3 years ago
- An attempt to restore and adapt to modern Win10 version the 'Rootkit Arsenal' original code samples☆70Updated 3 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 5 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆97Updated 5 years ago
- ☆162Updated 3 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆232Updated 7 months ago
- Set of antianalysis techniques found in malware☆132Updated last year
- Just another Windows Process Injection☆400Updated 5 years ago
- PoC MSVC COFF Object file loader/injector.☆178Updated 4 years ago
- WTSRM☆214Updated 3 years ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) …☆109Updated 4 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆213Updated 2 years ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆216Updated 2 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆341Updated 2 years ago
- Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)☆228Updated 2 years ago
- A list of all the DLLs export in C:\windows\system32\☆218Updated 3 years ago