Malware AV evasion via disable Windows Defender (Registry). C++
☆35Jun 5, 2022Updated 3 years ago
Alternatives and similar repositories for 2022-06-05-malware-av-evasion-7
Users that are interested in 2022-06-05-malware-av-evasion-7 are comparing it to the libraries listed below
Sorting:
- Find kernel32 base and API addresses. Simple C++ implementation☆23Apr 7, 2022Updated 3 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Apr 16, 2022Updated 3 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆12Apr 21, 2022Updated 3 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆13May 2, 2022Updated 3 years ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆20Jul 24, 2022Updated 3 years ago
- Process injection via KernelCallbackTable☆13Jan 28, 2022Updated 4 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- OFFZONE 2024 Malware Persistence workshop☆22Dec 18, 2024Updated last year
- aggregated repo for all conferences and talks I am giving☆17Oct 30, 2021Updated 4 years ago
- Apuntes Pentesting a ActiveDirectory PentesterAcademy☆21Jun 9, 2019Updated 6 years ago
- Windows-only Remote Access Tool (RAT) with anti-debugging and anti-sandbox checks. For educational purposes only.☆50Jul 13, 2021Updated 4 years ago
- It bridges my research with a functional tool. I want to provide a safe, open-source framework for hackers to test evasion and for defend…☆281Jan 26, 2026Updated last month
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- bug bounty☆11Aug 13, 2023Updated 2 years ago
- Here i will upload every prynt stealer stub source code and you will discover that is stormkitty 0_0 (I didnt buy anything from prynt whi…☆11Jan 8, 2023Updated 3 years ago
- Extra cmdlets to help with quering security related information from Azure☆14Sep 16, 2024Updated last year
- ☆46Jun 21, 2023Updated 2 years ago
- ☆13Dec 27, 2014Updated 11 years ago
- Process Injection: APC Injection☆32Jan 13, 2021Updated 5 years ago
- ☆29Aug 24, 2025Updated 6 months ago
- hooks gServerHandlers xxxEventWndProc☆13May 1, 2022Updated 3 years ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Satori botnet variant☆13Mar 19, 2022Updated 3 years ago
- A PoC executing shellcode in Dart☆16Jun 28, 2022Updated 3 years ago
- ☆19Mar 9, 2021Updated 5 years ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Ransoblin (Ransomware Bokoblin)☆18Oct 4, 2020Updated 5 years ago
- A C# Tool to find left over pentest data for use in your pentest or redteam op. Blue could maybe use to find files to cleanup☆37Sep 14, 2023Updated 2 years ago
- C# Situational Awareness Script☆34Apr 26, 2019Updated 6 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆128Feb 28, 2026Updated last week
- Bypass Malware Time Delays☆107Sep 23, 2022Updated 3 years ago
- Nim Shellcode Injector☆15Jan 24, 2021Updated 5 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16May 26, 2022Updated 3 years ago
- Extracting Syscall Stub, Modernized☆65Apr 2, 2022Updated 3 years ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 6 months ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- UEFI bootkit: Hardware Implant. In-Progress☆15Mar 7, 2022Updated 4 years ago
- Decoder for VMProtect hwids☆18Aug 1, 2022Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago