cocomelonc / offzone-2024-malware-persistence-workshop

Related projects ⓘ

Alternatives and complementary repositories for offzone-2024-malware-persistence-workshop

• silentwarble / Hannibal
  Mythic C2 Agent written in x64 PIC C
  ☆26Updated this week
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆40Updated last year
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆36Updated 3 months ago
• vatsalgupta67 / Process-Hollowing
  Red Team Operation's Defense Evasion Technique.
  ☆52Updated 5 months ago
• Cracked5pider / unguard-eat
  havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets
  ☆25Updated 3 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆61Updated last month
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated last year
• Orange-Cyberdefense / EDRSnowblast
  This project is an EDRSandblast fork, adding some features and custom pieces of code.
  ☆21Updated last year
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆22Updated 2 months ago
• cod3nym / Deobfuscar
  A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
  ☆38Updated 5 months ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• cocomelonc / 2022-06-05-malware-av-evasion-7
  Malware AV evasion via disable Windows Defender (Registry). C++
  ☆35Updated 2 years ago
• nothingspecialforu / EvtPsst
  EvtPsst
  ☆54Updated last year
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆24Updated last year
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆67Updated 7 months ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆30Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• yoavshah / ImportlessApi
  ☆18Updated 11 months ago
• Cracked5pider / kaine-assembly
  a demo module for the kaine agent to execute and inject assembly modules
  ☆37Updated 2 months ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆58Updated 3 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆68Updated last year
• hasherezade / shellc_encoder
  Standalone Metasploit-like XOR encoder for shellcode
  ☆46Updated 6 months ago
• lleon1435 / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆14Updated last year
• knight0x07 / BumbleCrypt
  A Bumblebee-inspired Crypter
  ☆80Updated last year
• hlldz / misc
  miscellaneous codes
  ☆35Updated last year
• assume-breach / Malware_Project
  ☆33Updated last year
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆62Updated this week
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated last year