Malware dev tricks. Syscalls part 1. Simple C example
☆12Jun 8, 2023Updated 3 years ago
Alternatives and similar repositories for 2023-06-07-syscalls-1
Users that are interested in 2023-06-07-syscalls-1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆11Apr 16, 2022Updated 4 years ago
- Process injection via KernelCallbackTable☆13Jan 28, 2022Updated 4 years ago
- Malware development: persistence - part 1: startup folder registry keys. C++ implementation☆13Apr 21, 2022Updated 4 years ago
- Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example☆18Jan 17, 2022Updated 4 years ago
- Malware persistence via COM DLL hijacking. C++ implementation example☆15May 2, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This repo contains C/C++ snippets that can be handy in specific offensive scenarios.☆14May 31, 2024Updated 2 years ago
- OFFZONE 2024 Malware Persistence workshop☆24Dec 18, 2024Updated last year
- Run shellcode via EnumDesktopsA. C++ implementation☆13Jun 27, 2022Updated 4 years ago
- A simple application to keep on an eye on the availability of HTTP sites☆15Oct 10, 2023Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆75Feb 11, 2024Updated 2 years ago
- Vulnerabilities exploitation examples, python☆26May 22, 2023Updated 3 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆32Jan 30, 2025Updated last year
- A curated list of tools and techniques written from experience in weaponization of malware☆40Oct 26, 2023Updated 2 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆24Apr 7, 2022Updated 4 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- POC Tiny PE - Example project showing (almost) minimal executable size. Without touching assembly.☆15Jun 11, 2026Updated 3 weeks ago
- A simple dnSpy extension for easily renaming members.☆21May 27, 2023Updated 3 years ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆22Jul 24, 2022Updated 3 years ago
- Windows Research Kernel☆39May 16, 2026Updated last month
- Encrypt/decrypt files and directories using your YubiKey☆16May 3, 2026Updated 2 months ago
- 2 PE Loader tools that load a PE from memory, decrypt it and make some magic things to execute seamlessly from memory☆53May 20, 2026Updated last month
- Get windows CPU temperature with WinRing0 driver and library☆26Jan 10, 2019Updated 7 years ago
- Obfuscated Invoke-Mimikatz script☆13May 29, 2018Updated 8 years ago
- r0ak ("roak") is the Ring 0 Army Knife -- A Command Line Utility To Read/Write/Execute Ring Zero on for Windows 10 Systems☆11Aug 6, 2018Updated 7 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Cybersecurity blog. Red Team, pentest, malware analysis and dev☆102Updated this week
- Windows PDB Parser using Imagehlp library.☆16Sep 16, 2022Updated 3 years ago
- App oficial de Indetectables. Seria un cliente del foro☆24Aug 16, 2021Updated 4 years ago
- Patch AMSI and ETW in remote process via direct syscall☆84Apr 28, 2022Updated 4 years ago
- A project that uses webgl, written in c++ compiled to wasm with clang.☆14Mar 21, 2022Updated 4 years ago
- Mosaique - Remote administration tools☆74Nov 12, 2020Updated 5 years ago
- Malware AV evasion via disable Windows Defender (Registry). C++☆35Jun 5, 2022Updated 4 years ago
- Bypassing Amsi using LdrLoadDll☆48Jan 8, 2025Updated last year
- A simple tool to assemble shellcode ready to be copy-pasted into code☆70Jun 13, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Youtube channel sample code☆58Jun 20, 2026Updated 2 weeks ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆86Jan 6, 2023Updated 3 years ago
- standard form private license for developers☆13May 16, 2021Updated 5 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆145Jun 11, 2026Updated 3 weeks ago
- MacOS Shared Library to Shellcode Loader☆70Feb 23, 2026Updated 4 months ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆95Mar 23, 2023Updated 3 years ago
- Guest to host VM escape exploit for Parallels Desktop☆28Nov 14, 2014Updated 11 years ago