cocomelonc / offzone-2024-malware-persistence-workshop
OFFZONE 2024 Malware Persistence workshop
☆19, updated 8 months ago
Alternatives and similar repositories for offzone-2024-malware-persistence-workshop
Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below
- BSides Prishtina 2024 Malware Development and Persistence workshop ☆94, updated 3 months ago
- Windows AppLocker Driver (appid.sys) LPE ☆63, updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3 ☆74, updated 7 months ago
- shell code example ☆62, updated 3 months ago
- A collection of PoCs to do common things in unconventional ways ☆34, updated this week
- CVE-2024-30090 - LPE PoC ☆107, updated 10 months ago
- This is a way to load a shellcode, and obfuscate it, so it avoids scantime detection. ☆79, updated 4 months ago
- ☆37, updated last year
- ☆58, updated 4 months ago
- Unhook Ntdll.dll, Go & C++. ☆27, updated 4 months ago
- Create Anti-Copy DRM Malware ☆63, updated last year
- Malware? ☆74, updated 10 months ago
- ☆108, updated 9 months ago
- "Service-less" driver loading ☆159, updated 9 months ago
- Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution) ☆44, updated 2 months ago
- Template-based generation of shellcode loaders ☆79, updated last year
- Proof of Concept example for abusing Process Hacker 2 (v2.39.124) ☆23, updated 9 months ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface ☆72, updated last month
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue ☆99, updated last year
- HEVD Exploit: BufferOverflowNonPagedPoolNx on Windows 10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion ☆59, updated 4 months ago
- ☆108, updated 2 years ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders … ☆103, updated 5 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique. ☆48, updated 3 months ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. ☆169, updated 5 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules ☆119, updated this week
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM". ☆86, updated 2 years ago
- Section-based payload obfuscation technique for x64 ☆64, updated last year
- ☆49, updated 5 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity) ☆51, updated last year
- A 64 bit executable junk code engine for polymorphic malware. ☆65, updated 2 months ago