amitwaisel/Malproxy external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

amitwaisel/Malproxy

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/amitwaisel/Malproxy)

Close

amitwaisel / MalproxyView on GitHubMore

• External links
• Readme badge

Proxy system calls over an RPC channel

☆100Feb 11, 2022Updated 4 years ago

Alternatives and similar repositories for Malproxy

Users that are interested in Malproxy are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• delivr-to / MailCollector

  View on GitHub
  A .NET 4.8 application to retrieve delivr.to emails from Microsoft Outlook via COM
  ☆20Jul 19, 2025Updated 9 months ago
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆281Jan 23, 2025Updated last year
• SolomonSklash / SleepyCrypt

  View on GitHub
  A shellcode function to encrypt a running process image when sleeping.
  ☆338Sep 11, 2021Updated 4 years ago
• xpn / ObjectOverloadingPOC

  View on GitHub
  ☆60Feb 10, 2022Updated 4 years ago
• hasherezade / module_overloading

  View on GitHub
  A more stealthy variant of "DLL hollowing"
  ☆365Mar 8, 2024Updated 2 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• TheWover / EasyNet

  View on GitHub
  Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.…
  ☆93Apr 27, 2019Updated 7 years ago
• pracsec / AmsiBypassHookManagedAPI

  View on GitHub
  A new AMSI Bypass technique using .NET ALI Call Hooking.
  ☆194Nov 15, 2022Updated 3 years ago
• rasta-mouse / CollectorService

  View on GitHub
  ☆54Apr 27, 2019Updated 7 years ago
• guitmz / msil-cecil-injection

  View on GitHub
  Injection of MSIL using Cecil
  ☆12Jul 28, 2015Updated 10 years ago
• zimnyaa / PhaseDive

  View on GitHub
  Sleep Obfuscation
  ☆46Oct 13, 2022Updated 3 years ago
• nettitude / ShellcodeMutator

  View on GitHub
  ☆246Dec 16, 2022Updated 3 years ago
• rad9800 / WTSRM2

  View on GitHub
  ☆164Dec 30, 2022Updated 3 years ago
• ceramicskate0 / SharpExchange

  View on GitHub
  C# Tool to interact with MS Exchange based on MS docs
  ☆102Dec 7, 2022Updated 3 years ago
• netero1010 / Quser-BOF

  View on GitHub
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆87Mar 22, 2023Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• frkngksl / NiCOFF

  View on GitHub
  COFF and BOF Loader written in Nim
  ☆174Apr 4, 2026Updated last month
• dr4k0nia / MurkyStrings

  View on GitHub
  A string obfuscator for .NET apps, built to evade static string analysis.
  ☆109Jan 3, 2023Updated 3 years ago
• RobinFassinaMoschiniForks / TransitionalPeriod

  View on GitHub
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆32Jun 14, 2022Updated 3 years ago
• med0x2e / vba2clr

  View on GitHub
  Running .NET from VBA
  ☆148Feb 11, 2023Updated 3 years ago
• paranoidninja / Proxy-DLL-Loads

  View on GitHub
  The code is a pingback to the Dark Vortex blog:
  ☆190Jan 26, 2023Updated 3 years ago
• passthehashbrowns / hiding-your-syscalls

  View on GitHub
  Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…
  ☆219Feb 20, 2023Updated 3 years ago
• bohops / DynamicDotNet

  View on GitHub
  A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
  ☆145May 18, 2024Updated last year
• klezVirus / SilentMoonwalk

  View on GitHub
  PoC Implementation of a fully dynamic call stack spoofer
  ☆953Jul 20, 2024Updated last year
• DamonMohammadbagher / NativePayload_HTTP

  View on GitHub
  Data Exfiltration via HTTP Traffic (C# and Shell Script)
  ☆17Jun 5, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• soufianetahiri / CitrixSecureAccessAuthCookieDump

  View on GitHub
  Dump Citrix Secure Access auth cookie from the process memory
  ☆76Jun 24, 2022Updated 3 years ago
• ly4k / PassTheChallenge

  View on GitHub
  Recovering NTLM hashes from Credential Guard
  ☆384Dec 26, 2022Updated 3 years ago
• mgeeky / msi-shenanigans

  View on GitHub
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆91Dec 15, 2022Updated 3 years ago
• klezVirus / DCKFinder

  View on GitHub
  Dangling COM Keys Finder
  ☆17Nov 16, 2021Updated 4 years ago
• med0x2e / NoAmci

  View on GitHub
  Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().
  ☆219Mar 5, 2020Updated 6 years ago
• xpn / NautilusProject

  View on GitHub
  A collection of weird ways to execute unmanaged code in .NET
  ☆173May 4, 2021Updated 5 years ago
• thefLink / RecycledGate

  View on GitHub
  Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll
  ☆503Feb 3, 2022Updated 4 years ago
• lazaars / UltraRealy_with_CVE-2019-1040

  View on GitHub
  Updated version for the tool UltraRealy with support of the CVE-2019-1040 exploit
  ☆20Jun 19, 2019Updated 6 years ago
• 0x00-0x00 / CVE-2019-1064

  View on GitHub
  CVE-2019-1064 Local Privilege Escalation Vulnerability
  ☆11Jun 12, 2019Updated 6 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• paranoidninja / Proxy-Function-Calls-For-ETwTI

  View on GitHub
  The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
  ☆212Jan 29, 2023Updated 3 years ago
• enkomio / BrokenFlow

  View on GitHub
  A simple PoC to invoke an encrypted shellcode by using an hidden call
  ☆115Nov 19, 2022Updated 3 years ago
• OccamsXor / Dragnmove

  View on GitHub
  Infect Shared Files In Memory for Lateral Movement
  ☆191Dec 14, 2022Updated 3 years ago
• djhohnstein / HookDetector

  View on GitHub
  Playing with PE's and Building Structures by Hand
  ☆22Apr 21, 2022Updated 4 years ago
• TheWover / AssemblyLoader

  View on GitHub
  Loads .NET Assembly Via CLR Loader
  ☆17Mar 6, 2019Updated 7 years ago
• evilashz / CheeseOunce

  View on GitHub
  Coerce Windows machines auth via MS-EVEN
  ☆174Jan 17, 2024Updated 2 years ago
• IkerSaint / KingHamlet

  View on GitHub
  Process Ghosting Tool
  ☆176Jun 22, 2021Updated 4 years ago