cocomelonc / 2022-06-05-malware-av-evasion-7
Malware AV evasion via disable Windows Defender (Registry). C++
☆35Updated 2 years ago
Alternatives and similar repositories for 2022-06-05-malware-av-evasion-7:
Users that are interested in 2022-06-05-malware-av-evasion-7 are comparing it to the libraries listed below
- A Bumblebee-inspired Crypter☆80Updated 2 years ago
- OFFZONE 2024 Malware Persistence workshop☆17Updated 4 months ago
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like☆32Updated 3 years ago
- Collection of source code for Polymorphic, Metamorphic, and Permutation Engines used in Malware☆26Updated 5 years ago
- Next gen process injection technique☆52Updated 4 years ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆25Updated 10 months ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆137Updated 2 years ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆10Updated last year
- a stage1 DLL loader with sleep obfuscation☆35Updated 2 years ago
- ☆16Updated 3 years ago
- API Hammering with C++20☆46Updated 2 years ago
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- Manually perform syscalls without going through any external API or DLL.☆18Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆53Updated 10 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆27Updated 8 months ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆19Updated 2 years ago
- Read Memory without ReadProcessMemory for Current Process☆76Updated 3 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆14Updated 11 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆11Updated 4 months ago
- Bypass Malware Time Delays☆101Updated 2 years ago
- using the gpu to hide your payload☆57Updated 2 years ago
- the Open Source and Pure C++ Packer for eXecutables☆20Updated 2 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- 💻 Windows 10 Kernel-mode rootkit☆31Updated 2 years ago
- Simple API Hooks detector☆73Updated 2 years ago
- A multi-staged malware that contains a kernel mode rootkit and a remote system shell.☆71Updated 3 years ago
- ☆42Updated 2 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆13Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆84Updated 2 years ago
- Callstack spoofing using a VEH because VEH all the things.☆21Updated last month