Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆62Updated 10 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 5 months ago
• cod3nym / Ghosting-AMSI
  Ghosting-AMSI
  ☆17Updated last month
• knight0x07 / NailaoLoader-Hiding-Execution-Flow
  NailaoLoader: Hiding Execution Flow via Patching
  ☆21Updated 3 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 10 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆58Updated 10 months ago
• Slowerzs / KeyJumper
  ☆48Updated 3 months ago
• caueb / Mockingjay
  Mockingjay process self injection POC
  ☆33Updated last year
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆49Updated last year
• susMdT / ForsHops
  ForsHops
  ☆53Updated 3 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆83Updated 3 weeks ago
• decoder-it / RelabelAbuse
  ☆61Updated last year
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆40Updated 11 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆24Updated 2 months ago
• zero2504 / FrostLock-Injection
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆25Updated 2 months ago
• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• xelemental / Mal-LNK-Generator
  ☆34Updated 2 months ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆65Updated 2 months ago
• Maldev-Academy / Alphabetfuscation
  Convert your shellcode into an ASCII string
  ☆58Updated this week
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆43Updated last week
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆36Updated 6 months ago
• V-i-x-x / win11-kernel-execution-syscall-hijack
  ☆25Updated last week
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 10 months ago
• passthehashbrowns / Being-A-Good-CLR-Host
  ☆62Updated 5 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆62Updated last week
• OtterHacker / Hooker
  ☆107Updated 7 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆72Updated 2 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 10 months ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆70Updated 8 months ago