cocomelonc/offzone-2024-malware-persistence-workshop external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

cocomelonc/offzone-2024-malware-persistence-workshop

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/cocomelonc/offzone-2024-malware-persistence-workshop)

Close

cocomelonc / offzone-2024-malware-persistence-workshopView on GitHubMore

• External links
• Readme badge

OFFZONE 2024 Malware Persistence workshop

☆22Dec 18, 2024Updated last year

Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / 2023-06-07-syscalls-1

  View on GitHub
  Malware dev tricks. Syscalls part 1. Simple C example
  ☆10Jun 8, 2023Updated 2 years ago
• EvilBytecode / PhantomDelay

  View on GitHub
  PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …
  ☆19May 8, 2025Updated 9 months ago
• cocomelonc / OffensiveCpp

  View on GitHub
  This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
  ☆12May 31, 2024Updated last year
• knight0x07 / NailaoLoader-Hiding-Execution-Flow

  View on GitHub
  NailaoLoader: Hiding Execution Flow via Patching
  ☆22Feb 27, 2025Updated last year
• badhive / alca

  View on GitHub
  Rule Engine for Dynamic Malware Analysis and Research
  ☆25Apr 16, 2025Updated 10 months ago
• silentwarble / hbin_template

  View on GitHub
  Post-Ex BOF tooling for Hannibal
  ☆24Nov 20, 2024Updated last year
• cocomelonc / bsprishtina-2024-maldev-workshop

  View on GitHub
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆127Jan 1, 2026Updated 2 months ago
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• EvilBytecode / Powershell-Persistance

  View on GitHub
  Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…
  ☆12Apr 21, 2025Updated 10 months ago
• 0x4m4 / buffer-overflow-lab

  View on GitHub
  A controlled environment for demonstrating and understanding buffer overflow vulnerabilities in web applications. This project is designe…
  ☆25Jan 27, 2025Updated last year
• C5Hackr / ARM64_AmsiPatch

  View on GitHub
  ☆21Jan 8, 2026Updated last month
• racoten / CannonLoader

  View on GitHub
  Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs
  ☆23Jul 11, 2025Updated 7 months ago
• RedSiege / Delta-Encoder

  View on GitHub
  ☆18Jun 25, 2024Updated last year
• 0xNinjaCyclone / dalgo

  View on GitHub
  ☆16Nov 26, 2024Updated last year
• kozmer / silentpulse

  View on GitHub
  single-threaded event driven sleep obfuscation poc for linux
  ☆38Jun 14, 2025Updated 8 months ago
• cocomelonc / 2022-06-05-malware-av-evasion-7

  View on GitHub
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆35Jun 5, 2022Updated 3 years ago
• ye231101 / viewpro-widget

  View on GitHub
  ☆32Updated this week
• Azr43lKn1ght / Rust-ProcHollow

  View on GitHub
  Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.
  ☆22Jan 6, 2025Updated last year
• EvilBytecode / PyDefender

  View on GitHub
  Anti Virtulization, Anti Debugging, AntiVM, Anti Virtual Machine, Anti Debug, Anti Sandboxie, Anti Sandbox, VM Detect package.
  ☆78Apr 27, 2025Updated 10 months ago
• EvilBytecode / TaskMgr-Troll

  View on GitHub
  Troll TaskManager, and play with it .
  ☆30Aug 3, 2025Updated 7 months ago
• EvilBytecode / Evil-Go

  View on GitHub
  A malicous Golang Package
  ☆15Apr 21, 2025Updated 10 months ago
• LimerBoy / Soviet-Thief

  View on GitHub
  Yandex browser passwords and credit-cards decryption algorithm
  ☆22Apr 8, 2025Updated 10 months ago
• ricardojoserf / SharpObfuscate

  View on GitHub
  Obfuscate payloads using IPv4, IPv6, MAC or UUID strings
  ☆23Feb 17, 2024Updated 2 years ago
• 0x6rss / keklick

  View on GitHub
  Keklick - C2 Hunting, Reporting and Visualization Tool
  ☆63Jul 23, 2025Updated 7 months ago
• EvilBytecode / Evilbytecode-Gate

  View on GitHub
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆26Apr 21, 2025Updated 10 months ago
• bladeatlas / Nest-microservices

  View on GitHub
  ☆15Feb 5, 2025Updated last year
• kypvas / LDIFToBloodHound

  View on GitHub
  A Windows tool that converts LDIF files to BloodHound CE
  ☆27Dec 20, 2025Updated 2 months ago
• Teach2Breach / snapinject_rs

  View on GitHub
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Jan 25, 2025Updated last year
• furax124 / Protect_Loader

  View on GitHub
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆82Jun 25, 2025Updated 8 months ago
• EvilBytecode / Ebyte-AMSI-ProxyInjector

  View on GitHub
  A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…
  ☆62May 16, 2025Updated 9 months ago
• Yeeb1 / SharpRDPlusSnatcher

  View on GitHub
  Exploits a flaw in Remote Desktop Plus by monitoring and decrypting temporary .rdp files in %localappdata%/Temp, revealing credentials us…
  ☆17Jul 3, 2025Updated 8 months ago
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated 2 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass

  View on GitHub
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54May 12, 2025Updated 9 months ago
• cocomelonc / hack-process-hacker2

  View on GitHub
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆23Oct 30, 2024Updated last year
• cocomelonc / 2022-04-02-malware-injection-18

  View on GitHub
  Find kernel32 base and API addresses. Simple C++ implementation
  ☆23Apr 7, 2022Updated 3 years ago
• HulkOperator / AuthStager

  View on GitHub
  ☆59Oct 24, 2024Updated last year
• cocomelonc / 2022-07-21-malware-tricks-22

  View on GitHub
  Run payload like a Lazarus Group (UuidFromStringA). C++ implementation
  ☆20Jul 24, 2022Updated 3 years ago
• b0bd0g / OneGate

  View on GitHub
  Yet another shellcode loader - but a sneaky one
  ☆25Apr 16, 2025Updated 10 months ago
• connormcgarr / Vtl1Mon

  View on GitHub
  Virtual Trust Level (VTL 1) secure call tracing
  ☆103Feb 12, 2026Updated 2 weeks ago