Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆59Updated 10 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆57Updated 9 months ago
• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆81Updated last week
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆53Updated 4 months ago
• 20urc3 / Aplos
  Aplos an extremely simple fuzzer for Windows binaries.
  ☆69Updated 3 months ago
• rad9800 / talks
  ☆55Updated last month
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆48Updated last year
• 0prrr / Malwear-Sweet
  Malware?
  ☆70Updated 7 months ago
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆73Updated 9 months ago
• knight0x07 / NailaoLoader-Hiding-Execution-Flow
  NailaoLoader: Hiding Execution Flow via Patching
  ☆21Updated 3 months ago
• NUL0x4C / GP
  using the gpu to hide your payload
  ☆58Updated 2 years ago
• Archie-osu / PowerHook
  Hooking KPRCB IdlePreselect function to gain execution inside PID 0.
  ☆63Updated last month
• decoder-it / RelabelAbuse
  ☆61Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 5 months ago
• CaptainNox / Hypnos
  A more reliable way of resolving syscall numbers in Windows
  ☆49Updated last year
• HulkOperator / AuthStager
  ☆55Updated 7 months ago
• caueb / Mockingjay
  Mockingjay process self injection POC
  ☆32Updated last year
• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated last year
• ZeroMemoryEx / SleepKiller
  Bypass Malware Time Delays
  ☆101Updated 2 years ago
• m417z / thread-call-stack-scanner
  Safely manage the unloading of DLLs that have been hooked into a process. Context: https://github.com/KNSoft/KNSoft.SlimDetours/discussio…
  ☆76Updated last month
• pygrum / gimmick
  Section-based payload obfuscation technique for x64
  ☆59Updated 9 months ago
• matterpreter / cpuid
  A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class
  ☆26Updated last year
• Slowerzs / KeyJumper
  ☆46Updated 2 months ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆40Updated 10 months ago
• FarghlyMal / leaked_src
  some leaked src code for known and unknown malwares
  ☆21Updated 2 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated 7 months ago
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆22Updated last month
• frkngksl / UnlinkDLL
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆57Updated last year
• x0reaxeax / PageSplit
  Splitting and executing shellcode across multiple pages
  ☆103Updated last year
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆81Updated last year