cocomelonc / 2022-06-05-malware-av-evasion-7
Malware AV evasion via disable Windows Defender (Registry). C++
☆35Updated 2 years ago
Alternatives and similar repositories for 2022-06-05-malware-av-evasion-7:
Users that are interested in 2022-06-05-malware-av-evasion-7 are comparing it to the libraries listed below
- OFFZONE 2024 Malware Persistence workshop☆19Updated 3 months ago
- A Bumblebee-inspired Crypter☆80Updated 2 years ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆26Updated 5 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆9Updated last year
- Small PoC of using a Microsoft signed executable as a lolbin.☆136Updated 2 years ago
- ☆71Updated last year
- Process Hollowing demonstration & explanation☆35Updated 4 years ago
- Bypass Malware Time Delays☆100Updated 2 years ago
- Detect API Hooks☆73Updated 2 years ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆19Updated 2 years ago
- Piece of code to detect and remove hooks in IAT☆63Updated 2 years ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year
- API Hammering with C++20☆45Updated 2 years ago
- This x64dbg plugin allows you to upload your sample to Malcore and view the results.☆33Updated last year
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like☆32Updated 3 years ago
- ☆16Updated 3 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- ☆36Updated 3 weeks ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆83Updated 2 years ago
- using the gpu to hide your payload☆56Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago
- Next gen process injection technique☆45Updated 4 years ago
- ☆34Updated last year
- user-mode Rootkit☆104Updated 2 years ago
- Recreating and reviewing the Windows persistence methods☆36Updated 3 years ago
- NT AUTHORITY\SYSTEM☆39Updated 4 years ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Updated last year
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆25Updated 9 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆26Updated 7 months ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆72Updated 3 years ago