Alternatives and similar repositories for offzone-2024-malware-persistence-workshop:

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆66Updated 5 months ago
• HulkOperator / AuthStager
  ☆54Updated 5 months ago
• knight0x07 / NailaoLoader-Hiding-Execution-Flow
  NailaoLoader: Hiding Execution Flow via Patching
  ☆19Updated last month
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆26Updated last month
• Karkas66 / CelestialSpark
  A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
  ☆84Updated 11 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆53Updated 7 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆54Updated 2 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆47Updated 10 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆21Updated 4 months ago
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆42Updated 8 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 8 months ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆40Updated 4 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆21Updated 8 months ago
• caueb / Mockingjay
  Mockingjay process self injection POC
  ☆29Updated last year
• 0xTriboulet / Abomination
  A synergized Visual Studio and Rust development environment
  ☆19Updated 2 months ago
• 7eRoM / tutorials
  ☆15Updated last month
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 7 months ago
• zero2504 / FrostLock-Injection
  FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…
  ☆14Updated 2 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 7 months ago
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆76Updated 7 months ago
• cocomelonc / 2022-06-05-malware-av-evasion-7
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆35Updated 2 years ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆48Updated last year
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆23Updated 7 months ago
• rbmm / SC
  shell code example
  ☆33Updated 2 weeks ago
• gscamelo / OSEE
  All efforts for the AWE course and preparation for the Offensive Security Exploitation Expert (OSEE) exam.
  ☆44Updated 4 years ago
• 0xjbb / vehspoof
  Callstack spoofing using a VEH because VEH all the things.
  ☆17Updated last week
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆44Updated last year