Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆94Updated 3 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆63Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 7 months ago
• rbmm / SC
  shell code example
  ☆62Updated 3 months ago
• whokilleddb / function-collections
  A collection of PoCs to do common things in unconventional ways
  ☆34Updated this week
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated 10 months ago
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆79Updated 4 months ago
• CarlosG13 / Process-Hypnosis-Debugger-assisted-control-flow-hijack
  ☆37Updated last year
• rad9800 / talks
  ☆58Updated 4 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆27Updated 4 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆63Updated last year
• 0prrr / Malwear-Sweet
  Malware?
  ☆74Updated 10 months ago
• OtterHacker / Hooker
  ☆108Updated 9 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆159Updated 9 months ago
• V-i-x-x / win11-kernel-execution-syscall-hijack
  Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
  ☆44Updated 2 months ago
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆79Updated last year
• cocomelonc / hack-process-hacker2
  Proof of Concept example for abusing Process Hacker 2 (v2.39.124)
  ☆23Updated 9 months ago
• ngn13 / shrk
  LKM rootkit for modern kernels, with DNS C2 and a simple web interface
  ☆72Updated last month
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆99Updated last year
• ommadawn46 / HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2
  HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion
  ☆59Updated 4 months ago
• ghostpepper108 / Evasion
  ☆108Updated 2 years ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Updated 5 months ago
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆48Updated 3 months ago
• Maldev-Academy / GhostlyHollowingViaTamperedSyscalls
  Implementing the ghostly hollowing PE injection technique using tampered syscalls.
  ☆169Updated 5 months ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆119Updated this week
• maliciousgroup / RDI-SRDI
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆86Updated 2 years ago
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆64Updated last year
• Slowerzs / KeyJumper
  ☆49Updated 5 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆65Updated 2 months ago