Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆124Updated last month
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆73Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 8 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆108Updated last year
• kr0tt / EarlyExceptionHandling
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆136Updated 5 months ago
• whokilleddb / function-collections
  A collection of PoCs to do common things in unconventional ways
  ☆122Updated 5 months ago
• warpnet / COM-Fuzzer
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆156Updated 2 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆71Updated last year
• OtterHacker / Hooker
  ☆108Updated last year
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 6 months ago
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆50Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated last year
• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• hwbp / LazyHook
  Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.
  ☆129Updated 2 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• WKL-Sec / FuncAddressPro
  A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
  ☆72Updated last year
• patrickt2017 / VEHNetLoader
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆50Updated 7 months ago
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆27Updated last year
• ghostbyt3 / WinDriver-EXP
  This repo contains PoCs for vulnerable Windows drivers.
  ☆126Updated last month
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆75Updated 7 months ago
• c2pain / RustBird
  Early Bird APC Injection in Rust
  ☆63Updated last year
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆67Updated last month
• furax124 / Protect_Loader
  A fucking real shellcode loader with a GUI. Work-in-Progress.
  ☆81Updated 7 months ago
• alex3O / BYOVD-DriverKiller
  Driver Reverse & Exploitation
  ☆82Updated 5 months ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆68Updated last year
• cbrnrd / maliketh
  🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
  ☆45Updated this week
• V-i-x-x / win11-kernel-execution-syscall-hijack
  Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
  ☆56Updated 7 months ago
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆23Updated last year
• rbmm / SC
  shell code example
  ☆67Updated 2 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year