cocomelonc / offzone-2024-malware-persistence-workshop
OFFZONE 2024 Malware Persistence workshop
☆19 · Updated 7 months ago
Alternatives and similar repositories for offzone-2024-malware-persistence-workshop
Users interested in offzone-2024-malware-persistence-workshop are comparing it to the repositories listed below.
- BSides Prishtina 2024 Malware Development and Persistence workshop ☆88 · Updated 2 months ago
- Hells Hollow: Windows 11 rootkit technique to hook the SSDT via Alt Syscalls ☆81 · Updated last week
- Slides for the COM Hijacking AV/EDR talk at 38c3 ☆74 · Updated 7 months ago
- "Service-less" driver loading ☆157 · Updated 8 months ago
- An automation plugin for the Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (… ☆117 · Updated last year
- A way to load a shellcode and obfuscate it so that it avoids scan-time detection ☆75 · Updated 3 months ago
- CVE-2024-30090 - LPE PoC ☆107 · Updated 9 months ago
- Windows AppLocker driver (appid.sys) LPE ☆62 · Updated last year
- Proof-of-concept example for abusing Process Hacker 2 (v2.39.124) ☆22 · Updated 9 months ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls ☆168 · Updated 4 months ago
- Convert Microsoft Defender Antivirus signatures (VDM) into YARA rules ☆100 · Updated this week
- Demoting PPL anti-malware services to less than a guest user ☆64 · Updated 6 months ago
- ☆107 · Updated 9 months ago
- Indirect syscall implementation to bypass userland NTAPI hooking ☆76 · Updated 11 months ago
- A 64-bit executable junk code engine for polymorphic malware ☆64 · Updated last month
- Hooking the KPRCB IdlePreselect function to gain execution inside PID 0 ☆65 · Updated 3 months ago
- Nim process hollowing loader ☆59 · Updated 2 weeks ago
- Shellcode example ☆61 · Updated 2 months ago
- Windows x64 kernel-mode rootkit process hollowing PoC ☆191 · Updated 2 years ago
- Construct the payload at runtime using an array of offsets ☆63 · Updated last year
- .NET tool used to enrich RPC telemetry ☆95 · Updated last month
- An implant framework designed for long-term persistent access to Windows machines ☆110 · Updated last year
- Bypasses AMSI protection through a remote memory patching and parsing technique ☆48 · Updated 2 months ago
- Red Team Operation's Defense Evasion Technique ☆53 · Updated last year
- ☆144 · Updated 9 months ago
- A more reliable way of resolving syscall numbers in Windows ☆52 · Updated last year
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect whether it is running in a virtual environm… ☆107 · Updated 5 months ago
- Early cascade injection PoC based on Outflank's blog post, written in Rust ☆55 · Updated 6 months ago
- A combination of multiple evasion techniques to evade defenses (Dirty Vanity) ☆51 · Updated last year
- ☆57 · Updated 3 months ago