cocomelonc/2022-04-02-malware-injection-18 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cocomelonc/2022-04-02-malware-injection-18

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cocomelonc/2022-04-02-malware-injection-18)

Close

cocomelonc / 2022-04-02-malware-injection-18View on GitHubMore

• External links
• Readme badge

Find kernel32 base and API addresses. Simple C++ implementation

☆24Apr 7, 2022Updated 4 years ago

Alternatives and similar repositories for 2022-04-02-malware-injection-18

Users that are interested in 2022-04-02-malware-injection-18 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• cocomelonc / 2022-06-05-malware-av-evasion-7

  View on GitHub
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆36Jun 5, 2022Updated 3 years ago
• cocomelonc / 2022-04-13-malware-injection-19

  View on GitHub
  Classic DLL injection. Download dll from url and inject. Simple C++ implementation
  ☆10Apr 16, 2022Updated 4 years ago
• cocomelonc / 2022-06-27-malware-injection-20

  View on GitHub
  Run shellcode via EnumDesktopsA. C++ implementation
  ☆13Jun 27, 2022Updated 3 years ago
• cocomelonc / 2022-01-24-malware-injection-15

  View on GitHub
  Process injection via KernelCallbackTable
  ☆13Jan 28, 2022Updated 4 years ago
• cocomelonc / 2022-04-20-malware-pers-1

  View on GitHub
  Malware development: persistence - part 1: startup folder registry keys. C++ implementation
  ☆13Apr 21, 2022Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• cocomelonc / 2022-07-21-malware-tricks-22

  View on GitHub
  Run payload like a Lazarus Group (UuidFromStringA). C++ implementation
  ☆22Jul 24, 2022Updated 3 years ago
• cocomelonc / 2022-05-02-malware-pers-3

  View on GitHub
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13May 2, 2022Updated 4 years ago
• cocomelonc / 2022-01-14-malware-injection-13

  View on GitHub
  Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example
  ☆18Jan 17, 2022Updated 4 years ago
• Narumiii / phantommap

  View on GitHub
  Phantom DLL Hollowing method implemented in modmap
  ☆18Jun 9, 2021Updated 4 years ago
• Kara-4search / HellgateLoader_CSharp

  View on GitHub
  Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
  ☆17Jan 21, 2022Updated 4 years ago
• OrShazam / ChainEngine

  View on GitHub
  automates exploits using ROP chains, using ntdll-scraper
  ☆16May 26, 2022Updated 3 years ago
• OffenseTeacher / NimSkrull

  View on GitHub
  NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…
  ☆13May 20, 2023Updated 2 years ago
• cocomelonc / vulnexipy

  View on GitHub
  Vulnerabilities exploitation examples, python
  ☆24May 22, 2023Updated 2 years ago
• zimawhit3 / DynimicGhostWriting

  View on GitHub
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆29Oct 29, 2021Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• audibleblink / davil

  View on GitHub
  leaking net-ntlm with webdav
  ☆26Feb 23, 2021Updated 5 years ago
• ZeroMemoryEx / SleepKiller

  View on GitHub
  Bypass Malware Time Delays
  ☆105Sep 23, 2022Updated 3 years ago
• wafinfo / SyscallLoader

  View on GitHub
  SyscallLoader
  ☆11Sep 13, 2021Updated 4 years ago
• rbmm / Hollowed-Process

  View on GitHub
  ☆28Aug 24, 2025Updated 8 months ago
• sbasu7241 / HellsGate

  View on GitHub
  Rewrote HellsGate in C# for fun and learning
  ☆86Feb 10, 2022Updated 4 years ago
• cocomelonc / peekaboo

  View on GitHub
  It bridges my research with a functional tool. I want to provide a safe, open-source framework for hackers to test evasion and for defend…
  ☆309Apr 30, 2026Updated last week
• cocomelonc / 2023-06-07-syscalls-1

  View on GitHub
  Malware dev tricks. Syscalls part 1. Simple C example
  ☆12Jun 8, 2023Updated 2 years ago
• latortuga71 / DisablePPLDriverPoc

  View on GitHub
  Disable PPL via custom driver and dump lsass
  ☆15Mar 13, 2021Updated 5 years ago
• cocomelonc / offzone-2024-malware-persistence-workshop

  View on GitHub
  OFFZONE 2024 Malware Persistence workshop
  ☆24Dec 18, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• mrd0x / pe2shc-to-cdb

  View on GitHub
  Convert shellcode generated using pe_2_shellcode to cdb format.
  ☆100Jan 18, 2022Updated 4 years ago
• idnahacks / NetCeasePlusPlus

  View on GitHub
  Takes the original idea of NetCease and adds functionality
  ☆24Feb 6, 2022Updated 4 years ago
• iammaguire / Salient-Rootkit

  View on GitHub
  A kernel mode Windows rootkit in development.
  ☆49Dec 31, 2021Updated 4 years ago
• 0xv1n / proc-suspend

  View on GitHub
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Mar 26, 2023Updated 3 years ago
• deepinstinct / AMSI-Unchained

  View on GitHub
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆91Nov 24, 2022Updated 3 years ago
• t3hbb / citrixphishlet

  View on GitHub
  Citrix Phishlet
  ☆24Feb 2, 2021Updated 5 years ago
• shantanu561993 / DLL-Sideload

  View on GitHub
  ☆43Jan 2, 2023Updated 3 years ago
• RedSection / printjacker

  View on GitHub
  Hijack Printconfig.dll to execute shellcode
  ☆102Jan 15, 2021Updated 5 years ago
• jfmaes / blogposts-talks-and-tidbits

  View on GitHub
  all random stuff that dont warrant a seperate repo
  ☆12Sep 2, 2022Updated 3 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• XaFF-XaFF / Shellcodev

  View on GitHub
  Shellcodev is a tool designed to help and automate the process of shellcode creation.
  ☆114Oct 11, 2023Updated 2 years ago
• GetRektBoy724 / TripleS

  View on GitHub
  Extracting Syscall Stub, Modernized
  ☆65Apr 2, 2022Updated 4 years ago
• klezVirus / NimlineWhispers3

  View on GitHub
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆148Jun 2, 2022Updated 3 years ago
• sliverarmory / injectAmsiBypass

  View on GitHub
  Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.
  ☆49Dec 31, 2021Updated 4 years ago
• SolomonSklash / TokenStealingDriver

  View on GitHub
  ☆24Jul 29, 2021Updated 4 years ago
• EspressoCake / NativeFunctionStaticMap

  View on GitHub
  A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.
  ☆28Dec 16, 2021Updated 4 years ago
• jbaines-r7 / overkill

  View on GitHub
  QNAP N-Day (Probably not CVE-2020-2509)
  ☆14Jul 27, 2022Updated 3 years ago