cocomelonc / meow
Cybersecurity research results. Simple C/C++ and Python implementations
☆162Updated last week
Related projects: ⓘ
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆320Updated 3 months ago
- My collection of malware dev links☆235Updated 2 weeks ago
- Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.☆214Updated 2 years ago
- Performing Indirect Clean Syscalls☆451Updated last year
- Important notes and topics on my journey towards mastering Windows Internals☆330Updated 4 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆532Updated 3 weeks ago
- ☆303Updated 11 months ago
- Because AV evasion should be easy.☆297Updated 2 months ago
- ☆242Updated 7 months ago
- Centralized resource for listing and organizing known injection techniques and POCs☆212Updated last month
- Slides & Code snippets for a workshop held @ x33fcon 2024☆228Updated 3 months ago
- Analyse your malware to surgically obfuscate it☆373Updated 11 months ago
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆365Updated last year
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls☆154Updated 8 months ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆320Updated 7 months ago
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features.☆475Updated 5 months ago
- "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS☆176Updated 4 months ago
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework☆367Updated last month
- Automated DLL Sideloading Tool With EDR Evasion Capabilities☆452Updated 9 months ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆227Updated 3 months ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆332Updated last year
- I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning …☆254Updated last year
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆431Updated last year
- Simulate the behavior of AV/EDR for malware development training.☆443Updated 7 months ago
- ☆263Updated last month
- ☆222Updated this week
- Process Injection using Thread Name☆228Updated 3 weeks ago
- Tools for analyzing EDR agents☆200Updated 3 months ago
- ☆204Updated this week
- A tutorial on how to write a packer for Windows!☆240Updated 9 months ago