cocomelonc / 2022-06-05-malware-av-evasion-7Links
Malware AV evasion via disable Windows Defender (Registry). C++
☆35Updated 3 years ago
Alternatives and similar repositories for 2022-06-05-malware-av-evasion-7
Users that are interested in 2022-06-05-malware-av-evasion-7 are comparing it to the libraries listed below
Sorting:
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆27Updated 5 years ago
- A Bumblebee-inspired Crypter☆80Updated 2 years ago
- Piece of code to detect and remove hooks in IAT☆64Updated 3 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆10Updated last year
- Next gen process injection technique☆54Updated 4 years ago
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like☆31Updated 3 years ago
- API Hammering with C++20☆46Updated 2 years ago
- Simple API Hooks detector☆73Updated 2 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆138Updated 2 years ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆27Updated last year
- Bypass Malware Time Delays☆102Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆53Updated last year
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆71Updated 4 years ago
- ☆113Updated 2 years ago
- Antivirus killer using ring-0 kernel driver. Antivirus processes will automatically close while the killer is running.☆6Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- OFFZONE 2024 Malware Persistence workshop☆19Updated 6 months ago
- a stage1 DLL loader with sleep obfuscation☆37Updated 2 years ago
- ☆42Updated 2 years ago
- Various tools, PoCs and experiments related to my blog at https://www.forrest-orr.net/☆37Updated 3 years ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆11Updated 6 months ago
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- ☆16Updated 3 years ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆20Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆86Updated 2 years ago
- using the gpu to hide your payload☆59Updated 2 years ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆30Updated 10 months ago
- Callstack spoofing using a VEH because VEH all the things.☆21Updated 3 months ago
- ☆36Updated last year