Alternatives and similar repositories for offzone-2024-malware-persistence-workshop:

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆47Updated 5 months ago
• affix / rusty-hollow
  Unix Process hollowing in rust
  ☆20Updated last month
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆46Updated 8 months ago
• tyranid / windows-memory-access-traps
  A few examples of how to trap virtual memory access on Windows.
  ☆18Updated last month
• rbmm / Hollowed-Process
  ☆26Updated 3 months ago
• SpiralBL0CK / CVE-2024-40431-CVE-2022-25479-EOP-CHAIN
  CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)
  ☆44Updated 3 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆42Updated 2 years ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated last year
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆26Updated 5 months ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• cod3nym / Deobfuscar
  A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
  ☆38Updated 7 months ago
• som3canadian / Mythic_NimSyscallPacker_Wrapper
  Mythic C2 wrapper for NimSyscallPacker
  ☆22Updated last month
• Uri3n / Advanced-TLS-Injection
  Threadless injection via TLS callbacks
  ☆16Updated last month
• fern89 / runpe-x64
  RunPE adapted for x64 and written in C, does not use RWX
  ☆24Updated 8 months ago
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆38Updated 4 months ago
• Real-Cryillic / Sarla
  It's what all the kids are talking about
  ☆12Updated last year
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆24Updated last year
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆46Updated last year
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆41Updated last year
• Teach2Breach / snapinject_rs
  based on https://gitlab.com/ORCA000/snaploader
  ☆42Updated last month
• lem0nSec / Dsebler
  Reimplementation of the KExecDD DSE bypass technique.
  ☆46Updated 4 months ago
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆21Updated last year
• assume-breach / Malware_Project
  ☆33Updated 2 years ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆64Updated 2 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆19Updated 2 months ago
• cocomelonc / 2022-06-05-malware-av-evasion-7
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆35Updated 2 years ago
• S3cur3Th1sSh1t / nim-strenc
  string encryption in Nim
  ☆17Updated 7 months ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆40Updated 2 months ago