Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆85Updated last month
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 6 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆62Updated 11 months ago
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆48Updated last month
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 5 months ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆117Updated last year
• Slowerzs / KeyJumper
  ☆48Updated 3 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆63Updated last year
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆61Updated 11 months ago
• SafeBreach-Labs / CortexVortex
  ☆78Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆75Updated 11 months ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆100Updated last year
• brosck / L1LKiller
  「⚠️」Performing a BYOVD on the truesight.sys driver
  ☆38Updated 7 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated 8 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆22Updated 8 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆25Updated 2 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆50Updated last year
• FarghlyMal / leaked_src
  some leaked src code for known and unknown malwares
  ☆22Updated 3 months ago
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆47Updated last year
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆51Updated last year
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆59Updated 10 months ago
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆53Updated last year
• rad9800 / talks
  ☆57Updated 2 months ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆65Updated 3 months ago
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆54Updated 5 months ago
• OtterHacker / Hooker
  ☆107Updated 8 months ago
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆36Updated 2 weeks ago
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆86Updated 2 years ago
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆72Updated last week