brat-volk / EntomoLoader
C++ Multi-Stage Semi-Polymorphic Malware Loader.
☆8Updated 2 years ago
Related projects: ⓘ
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆79Updated last year
- kernel to user mode APC injector☆43Updated 2 years ago
- A Bumblebee-inspired Crypter☆79Updated last year
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆23Updated 4 years ago
- Криптор на шелл-кодах☆11Updated 4 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆65Updated 3 years ago
- XssBot-Модульный резидентный бот с супер админкой☆12Updated last year
- Next gen process injection technique☆41Updated 4 years ago
- Fud Runpe Av Evasion / All Av Bypass☆31Updated last year
- A python polymorphic engine for C programs☆11Updated 9 months ago
- A C++17 framework designed to enable obfuscation of constants, variables, and strings.☆25Updated 10 months ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆22Updated 3 months ago
- Piece of code to detect and remove hooks in IAT☆51Updated 2 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆116Updated last year
- 2022 Updated Kernelmode-Code☆29Updated 5 months ago
- 💻 Windows 10 Kernel-mode rootkit☆30Updated 2 years ago
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code☆33Updated this week
- Simple PE Packer Which Encrypts .text Section☆45Updated 7 years ago
- Shellcodev is a tool designed to help and automate the process of shellcode creation.☆100Updated 11 months ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆131Updated last year
- Process Hollowing demonstration & explanation☆31Updated 3 years ago
- ☆43Updated this week
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like☆31Updated 2 years ago
- A Simple AES Command Line Crypter☆35Updated last year
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 3 years ago
- Malware AV evasion via disable Windows Defender (Registry). C++☆32Updated 2 years ago
- PoC of a UEFI Petya ransomware☆37Updated last year
- ☆32Updated this week
- Manually perform syscalls without going through any external API or DLL.☆16Updated last year
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆97Updated 2 years ago