cocomelonc/2023-06-07-syscalls-1 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cocomelonc/2023-06-07-syscalls-1

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cocomelonc/2023-06-07-syscalls-1)

Close

cocomelonc / 2023-06-07-syscalls-1View on GitHubMore

• External links
• Readme badge

Malware dev tricks. Syscalls part 1. Simple C example

☆10Jun 8, 2023Updated 2 years ago

Alternatives and similar repositories for 2023-06-07-syscalls-1

Users that are interested in 2023-06-07-syscalls-1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• cocomelonc / 2022-04-13-malware-injection-19

  View on GitHub
  Classic DLL injection. Download dll from url and inject. Simple C++ implementation
  ☆10Apr 16, 2022Updated 4 years ago
• cocomelonc / 2022-01-24-malware-injection-15

  View on GitHub
  Process injection via KernelCallbackTable
  ☆13Jan 28, 2022Updated 4 years ago
• cocomelonc / 2022-04-20-malware-pers-1

  View on GitHub
  Malware development: persistence - part 1: startup folder registry keys. C++ implementation
  ☆12Apr 21, 2022Updated 3 years ago
• cocomelonc / 2022-05-02-malware-pers-3

  View on GitHub
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13May 2, 2022Updated 3 years ago
• cocomelonc / OffensiveCpp

  View on GitHub
  This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
  ☆13May 31, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• cocomelonc / offzone-2024-malware-persistence-workshop

  View on GitHub
  OFFZONE 2024 Malware Persistence workshop
  ☆22Dec 18, 2024Updated last year
• cyotek / CyotekDownDetector

  View on GitHub
  A simple application to keep on an eye on the availability of HTTP sites
  ☆15Oct 10, 2023Updated 2 years ago
• ProcessusT / UnhookingDLL

  View on GitHub
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆74Feb 11, 2024Updated 2 years ago
• cocomelonc / vulnexipy

  View on GitHub
  Vulnerabilities exploitation examples, python
  ☆23May 22, 2023Updated 2 years ago
• dmcxblue / NtCreateUserProcessBOF

  View on GitHub
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆31Jan 30, 2025Updated last year
• wsummerhill / Malware_Weaponization

  View on GitHub
  A curated list of tools and techniques written from experience in weaponization of malware
  ☆41Oct 26, 2023Updated 2 years ago
• cocomelonc / 2022-04-02-malware-injection-18

  View on GitHub
  Find kernel32 base and API addresses. Simple C++ implementation
  ☆23Apr 7, 2022Updated 4 years ago
• Masfo / TinyPE

  View on GitHub
  POC Tiny PE - Example project showing (almost) minimal executable size. Without touching assembly.
  ☆15Mar 16, 2026Updated last month
• puff / dnSpy.Extension.EasyRename

  View on GitHub
  A simple dnSpy extension for easily renaming members.
  ☆20May 27, 2023Updated 2 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• ye231101 / viewpro-widget

  View on GitHub
  ☆28Apr 10, 2026Updated last week
• cocomelonc / 2022-07-21-malware-tricks-22

  View on GitHub
  Run payload like a Lazarus Group (UuidFromStringA). C++ implementation
  ☆21Jul 24, 2022Updated 3 years ago
• ranni0225 / WRK

  View on GitHub
  Windows Research Kernel
  ☆37Sep 22, 2025Updated 6 months ago
• looCiprian / YubiEnc

  View on GitHub
  Encrypt/decrypt files and directories using your YubiKey
  ☆16Sep 24, 2023Updated 2 years ago
• ProcessusT / LoadThat-PEandAssembly

  View on GitHub
  2 PE Loader tools that load a PE from memory, decrypt it and make some magic things to execute seamlessly from memory
  ☆54Nov 7, 2025Updated 5 months ago
• ashleyhung / WinRing0

  View on GitHub
  Get windows CPU temperature with WinRing0 driver and library
  ☆25Jan 10, 2019Updated 7 years ago
• DanMcInerney / Obf-Cats

  View on GitHub
  Obfuscated Invoke-Mimikatz script
  ☆13May 29, 2018Updated 7 years ago
• Cr4sh / r0ak

  View on GitHub
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆11Aug 6, 2018Updated 7 years ago
• cocomelonc / cocomelonc.github.io

  View on GitHub
  Cybersecurity blog. Red Team, pentest, malware analysis and dev
  ☆97Updated this week
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• Coldzer0 / TinyPDBParser

  View on GitHub
  Windows PDB Parser using Imagehlp library.
  ☆16Sep 16, 2022Updated 3 years ago
• indetectables-net / official-app

  View on GitHub
  App oficial de Indetectables. Seria un cliente del foro
  ☆23Aug 16, 2021Updated 4 years ago
• Hagrid29 / RemotePatcher

  View on GitHub
  Patch AMSI and ETW in remote process via direct syscall
  ☆86Apr 28, 2022Updated 3 years ago
• beProsto / wasm-webgl

  View on GitHub
  A project that uses webgl, written in c++ compiled to wasm with clang.
  ☆14Mar 21, 2022Updated 4 years ago
• cocomelonc / bsprishtina-2024-maldev-workshop

  View on GitHub
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆132Updated this week
• cocomelonc / 2022-06-05-malware-av-evasion-7

  View on GitHub
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆35Jun 5, 2022Updated 3 years ago
• thdal / MosaiqueRAT

  View on GitHub
  Mosaique - Remote administration tools
  ☆75Nov 12, 2020Updated 5 years ago
• Shrfnt77 / AmsiBypass

  View on GitHub
  Bypassing Amsi using LdrLoadDll
  ☆48Jan 8, 2025Updated last year
• Cr4sh / prl_guest_to_host

  View on GitHub
  Guest to host VM escape exploit for Parallels Desktop
  ☆27Nov 14, 2014Updated 11 years ago
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• VollRagm / ShellcodeBakery

  View on GitHub
  A simple tool to assemble shellcode ready to be copy-pasted into code
  ☆71Jun 13, 2022Updated 3 years ago
• zodiacon / youtubecode

  View on GitHub
  Youtube channel sample code
  ☆56Updated this week
• Octoberfest7 / Cohab_Processes

  View on GitHub
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆86Jan 6, 2023Updated 3 years ago
• licensezero / licensezero-private-license

  View on GitHub
  standard form private license for developers
  ☆13May 16, 2021Updated 4 years ago
• sliverarmory / beignet

  View on GitHub
  MacOS Shared Library to Shellcode Loader
  ☆64Feb 23, 2026Updated last month
• XaFF-XaFF / ZwProcessHollowing

  View on GitHub
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆93Mar 23, 2023Updated 3 years ago
• CryptoBreach / UnhookPoC

  View on GitHub
  A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
  ☆10Dec 16, 2021Updated 4 years ago