cocomelonc/2023-06-07-syscalls-1 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cocomelonc/2023-06-07-syscalls-1

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cocomelonc/2023-06-07-syscalls-1)

Close

cocomelonc / 2023-06-07-syscalls-1View on GitHubMore

• External links
• Readme badge

Malware dev tricks. Syscalls part 1. Simple C example

☆12Jun 8, 2023Updated 3 years ago

Alternatives and similar repositories for 2023-06-07-syscalls-1

Users that are interested in 2023-06-07-syscalls-1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• cocomelonc / 2022-04-13-malware-injection-19

  View on GitHub
  Classic DLL injection. Download dll from url and inject. Simple C++ implementation
  ☆10Apr 16, 2022Updated 4 years ago
• cocomelonc / 2022-01-24-malware-injection-15

  View on GitHub
  Process injection via KernelCallbackTable
  ☆13Jan 28, 2022Updated 4 years ago
• cocomelonc / 2022-04-20-malware-pers-1

  View on GitHub
  Malware development: persistence - part 1: startup folder registry keys. C++ implementation
  ☆13Apr 21, 2022Updated 4 years ago
• cocomelonc / 2022-01-14-malware-injection-13

  View on GitHub
  Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example
  ☆18Jan 17, 2022Updated 4 years ago
• cocomelonc / 2022-05-02-malware-pers-3

  View on GitHub
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13May 2, 2022Updated 4 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• cocomelonc / OffensiveCpp

  View on GitHub
  This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
  ☆14May 31, 2024Updated 2 years ago
• cocomelonc / offzone-2024-malware-persistence-workshop

  View on GitHub
  OFFZONE 2024 Malware Persistence workshop
  ☆24Dec 18, 2024Updated last year
• cocomelonc / 2022-06-27-malware-injection-20

  View on GitHub
  Run shellcode via EnumDesktopsA. C++ implementation
  ☆13Jun 27, 2022Updated 3 years ago
• cyotek / CyotekDownDetector

  View on GitHub
  A simple application to keep on an eye on the availability of HTTP sites
  ☆15Oct 10, 2023Updated 2 years ago
• ProcessusT / UnhookingDLL

  View on GitHub
  This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…
  ☆75Feb 11, 2024Updated 2 years ago
• cocomelonc / vulnexipy

  View on GitHub
  Vulnerabilities exploitation examples, python
  ☆26May 22, 2023Updated 3 years ago
• dmcxblue / NtCreateUserProcessBOF

  View on GitHub
  An Aggressor Script that utilizes NtCreateUserProcess to run binaries
  ☆31Jan 30, 2025Updated last year
• wsummerhill / Malware_Weaponization

  View on GitHub
  A curated list of tools and techniques written from experience in weaponization of malware
  ☆41Oct 26, 2023Updated 2 years ago
• cocomelonc / 2022-04-02-malware-injection-18

  View on GitHub
  Find kernel32 base and API addresses. Simple C++ implementation
  ☆24Apr 7, 2022Updated 4 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• Masfo / TinyPE

  View on GitHub
  POC Tiny PE - Example project showing (almost) minimal executable size. Without touching assembly.
  ☆15Jun 11, 2026Updated last week
• puff / dnSpy.Extension.EasyRename

  View on GitHub
  A simple dnSpy extension for easily renaming members.
  ☆20May 27, 2023Updated 3 years ago
• cocomelonc / 2022-07-21-malware-tricks-22

  View on GitHub
  Run payload like a Lazarus Group (UuidFromStringA). C++ implementation
  ☆22Jul 24, 2022Updated 3 years ago
• ranni0225 / WRK

  View on GitHub
  Windows Research Kernel
  ☆40May 16, 2026Updated last month
• looCiprian / YubiEnc

  View on GitHub
  Encrypt/decrypt files and directories using your YubiKey
  ☆16May 3, 2026Updated last month
• ProcessusT / LoadThat-PEandAssembly

  View on GitHub
  2 PE Loader tools that load a PE from memory, decrypt it and make some magic things to execute seamlessly from memory
  ☆53May 20, 2026Updated 3 weeks ago
• ashleyhung / WinRing0

  View on GitHub
  Get windows CPU temperature with WinRing0 driver and library
  ☆26Jan 10, 2019Updated 7 years ago
• DanMcInerney / Obf-Cats

  View on GitHub
  Obfuscated Invoke-Mimikatz script
  ☆13May 29, 2018Updated 8 years ago
• Cr4sh / r0ak

  View on GitHub
  r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems
  ☆11Aug 6, 2018Updated 7 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• cocomelonc / cocomelonc.github.io

  View on GitHub
  Cybersecurity blog. Red Team, pentest, malware analysis and dev
  ☆102May 30, 2026Updated 2 weeks ago
• Coldzer0 / TinyPDBParser

  View on GitHub
  Windows PDB Parser using Imagehlp library.
  ☆16Sep 16, 2022Updated 3 years ago
• indetectables-net / official-app

  View on GitHub
  App oficial de Indetectables. Seria un cliente del foro
  ☆24Aug 16, 2021Updated 4 years ago
• Hagrid29 / RemotePatcher

  View on GitHub
  Patch AMSI and ETW in remote process via direct syscall
  ☆85Apr 28, 2022Updated 4 years ago
• beProsto / wasm-webgl

  View on GitHub
  A project that uses webgl, written in c++ compiled to wasm with clang.
  ☆14Mar 21, 2022Updated 4 years ago
• thdal / MosaiqueRAT

  View on GitHub
  Mosaique - Remote administration tools
  ☆75Nov 12, 2020Updated 5 years ago
• cocomelonc / 2022-06-05-malware-av-evasion-7

  View on GitHub
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆36Jun 5, 2022Updated 4 years ago
• Shrfnt77 / AmsiBypass

  View on GitHub
  Bypassing Amsi using LdrLoadDll
  ☆48Jan 8, 2025Updated last year
• VollRagm / ShellcodeBakery

  View on GitHub
  A simple tool to assemble shellcode ready to be copy-pasted into code
  ☆70Jun 13, 2022Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• zodiacon / youtubecode

  View on GitHub
  Youtube channel sample code
  ☆57May 30, 2026Updated 2 weeks ago
• Octoberfest7 / Cohab_Processes

  View on GitHub
  A small Aggressor script to help Red Teams identify foreign processes on a host machine
  ☆86Jan 6, 2023Updated 3 years ago
• licensezero / licensezero-private-license

  View on GitHub
  standard form private license for developers
  ☆13May 16, 2021Updated 5 years ago
• cocomelonc / bsprishtina-2024-maldev-workshop

  View on GitHub
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆143May 23, 2026Updated 3 weeks ago
• sliverarmory / beignet

  View on GitHub
  MacOS Shared Library to Shellcode Loader
  ☆70Feb 23, 2026Updated 3 months ago
• XaFF-XaFF / ZwProcessHollowing

  View on GitHub
  ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption
  ☆94Mar 23, 2023Updated 3 years ago
• Cr4sh / prl_guest_to_host

  View on GitHub
  Guest to host VM escape exploit for Parallels Desktop
  ☆28Nov 14, 2014Updated 11 years ago