cocomelonc / 2022-06-27-malware-injection-20
Run shellcode via EnumDesktopsA. C++ implementation
☆12Updated 2 years ago
Alternatives and similar repositories for 2022-06-27-malware-injection-20:
Users that are interested in 2022-06-27-malware-injection-20 are comparing it to the libraries listed below
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆9Updated 2 years ago
- Process injection via KernelCallbackTable☆13Updated 3 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆12Updated 2 years ago
- Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example☆17Updated 3 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆12Updated 2 years ago
- ☆15Updated last year
- Just another casual shellcode native loader☆24Updated 3 years ago
- A lexer and parser for Sleep☆16Updated last month
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆16Updated 6 years ago
- Collection of shellcode injection and execution techniques☆15Updated 3 years ago
- AV engines evasion for C++ simple malware part 1 source code☆12Updated 2 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆12Updated last year
- using the Recycle Bin to insure persistence☆12Updated 2 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆19Updated 4 years ago
- Loading and executing shellcode in C# without PInvoke.☆20Updated 3 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆18Updated last year
- Executes shellcode from a remote server and aims to evade in-memory scanners☆31Updated 5 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 2 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆24Updated 2 years ago
- ☆47Updated 3 years ago
- ☆12Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- ☆11Updated 5 years ago
- really ?☆12Updated 11 months ago
- A dropper that decrypts encrypted xor payload and can inject it in explorer.exe proccess☆8Updated 3 years ago
- ☆10Updated last month
- JALSI - Just Another Lame Shellcode Injector☆30Updated 3 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated last year
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆18Updated last year