Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆113Updated 5 months ago
• t-tani / defender2yara
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆132Updated this week
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆108Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆52Updated 6 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 10 months ago
• warpnet / COM-Fuzzer
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆129Updated 3 weeks ago
• OtterHacker / Hooker
  ☆108Updated last year
• kr0tt / EarlyExceptionHandling
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆129Updated 2 months ago
• rad9800 / talks
  ☆60Updated 6 months ago
• YoavLevi / IAT-Tracer
  An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…
  ☆120Updated last year
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆110Updated 2 years ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆68Updated last year
• reecdeep / hollowise
  Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …
  ☆39Updated 9 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆32Updated 6 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 3 months ago
• V-i-x-x / win11-kernel-execution-syscall-hijack
  Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)
  ☆48Updated 5 months ago
• whokilleddb / function-collections
  A collection of PoCs to do common things in unconventional ways
  ☆119Updated 2 months ago
• deepinstinct / ShimMe
  ☆145Updated last year
• cbwang505 / FilesystemEoPDesktopSystemShell
  Folder Or File Delete to Get System Shell on Current Session Desktop
  ☆47Updated 10 months ago
• MatheuZSecurity / UnhookingLinuxEdr
  Attacking the cleanup_module function of a kernel module
  ☆52Updated 4 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆101Updated 7 months ago
• NVISOsecurity / codasm
  Payload encoding utility to effectively lower payload entropy.
  ☆120Updated 7 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆67Updated last year
• itaymigdal / PichichiH0ll0wer
  Nim process hollowing loader
  ☆60Updated 3 months ago
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆162Updated 11 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆110Updated 9 months ago
• SafeBreach-Labs / CortexVortex
  ☆80Updated last year
• cod3nym / Deobfuscar
  A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
  ☆47Updated last year
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆64Updated 9 months ago