brat-volk / EntomoLoader

Related projects: ⓘ

• XaFF-XaFF / ZwProcessHollowing
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆79Updated last year
• veil-ivy / kapc_injector
  kernel to user mode APC injector
  ☆43Updated 2 years ago
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆79Updated last year
• fcccode / Vx-Engines
  Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware
  ☆23Updated 4 years ago
• XShar / shell_crypor_framework
  Криптор на шелл-кодах
  ☆11Updated 4 years ago
• DanielAvinoam / TheSubZeroProject
  A multi-staged malware that contains a kernel mode rootkit and a remote system shell.
  ☆65Updated 3 years ago
• XShar / XssBot
  XssBot-Модульный резидентный бот с супер админкой
  ☆12Updated last year
• maziland / StackBombing
  Next gen process injection technique
  ☆41Updated 4 years ago
• Intrus1ve / Runpe-ProcessHollowing
  Fud Runpe Av Evasion / All Av Bypass
  ☆31Updated last year
• 0xTriboulet / Cycotic
  A python polymorphic engine for C programs
  ☆11Updated 9 months ago
• Sherman0236 / XorData
  A C++17 framework designed to enable obfuscation of constants, variables, and strings.
  ☆25Updated 10 months ago
• AlSch092 / HideStaticReferences
  Research into removing strings & API call references at compile-time (Anti-Analysis)
  ☆22Updated 3 months ago
• xalicex / Unhook-Import-Address-Table
  Piece of code to detect and remove hooks in IAT
  ☆51Updated 2 years ago
• NtQuerySystemInformation / NlsCodeInjectionThroughRegistry
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆116Updated last year
• loneicewolf / KernelMode-Code
  2022 Updated Kernelmode-Code
  ☆29Updated 5 months ago
• 0x44F / WinKit
  💻 Windows 10 Kernel-mode rootkit
  ☆30Updated 2 years ago
• realoriginal / foliage
  A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code
  ☆33Updated this week
• SamLarenN / PePacker
  Simple PE Packer Which Encrypts .text Section
  ☆45Updated 7 years ago
• XaFF-XaFF / Shellcodev
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆100Updated 11 months ago
• mrexodia / lolbin-poc
  Small PoC of using a Microsoft signed executable as a lolbin.
  ☆131Updated last year
• AzAgarampur / PsForge
  Process Hollowing demonstration & explanation
  ☆31Updated 3 years ago
• ORCA666 / KCTHIJACK
  ☆43Updated this week
• xalicex / Get-DLL-and-Function-Addresses
  GetModuleHandle (via PEB) and GetProcAddress (via EAT) like
  ☆31Updated 2 years ago
• Aekras1a / DarkCrypter
  A Simple AES Command Line Crypter
  ☆35Updated last year
• elddy / Windows-NTAPI-Injector
  Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses
  ☆40Updated 3 years ago
• cocomelonc / 2022-06-05-malware-av-evasion-7
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆32Updated 2 years ago
• gelven4sec / NotPetyaAgain
  PoC of a UEFI Petya ransomware
  ☆37Updated last year
• mave12 / HVNC-Stealer
  ☆32Updated this week
• Flawww / NtSyscaller
  Manually perform syscalls without going through any external API or DLL.
  ☆16Updated last year
• capt-meelo / KernelCallbackTable-Injection
  Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html
  ☆97Updated 2 years ago