Alternatives and similar repositories for offzone-2024-malware-persistence-workshop

Users that are interested in offzone-2024-malware-persistence-workshop are comparing it to the libraries listed below

• cocomelonc / bsprishtina-2024-maldev-workshop
  BSides Prishtina 2024 Malware Development and Persistence workshop
  ☆121Updated 7 months ago
• Crowdfense / CVE-2024-21338
  Windows AppLocker Driver (appid.sys) LPE
  ☆71Updated last year
• OtterHacker / Hooker
  ☆108Updated last year
• EvilBytecode / EvilByte-Remote-AMSI-Bypass
  Bypasses AMSI protection through remote memory patching and parsing technique.
  ☆54Updated 7 months ago
• Kudaes / Eclipse
  Activation Context Hijack
  ☆169Updated 4 months ago
• Whitecat18 / earlycascade-injection
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆65Updated this week
• warpnet / COM-Fuzzer
  Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By…
  ☆154Updated last month
• Maldev-Academy / CodeSearchDemo
  ☆41Updated last year
• EvilBytecode / Shellcode-Loader
  This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
  ☆90Updated 8 months ago
• kr0tt / EarlyExceptionHandling
  Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH
  ☆133Updated 4 months ago
• pulpocaminante / PPL-0day
  Demoting PPL anti-malware services to less than a guest user
  ☆66Updated 11 months ago
• CyberSecurityUP / ProcessKiller-BYOVD
  BYOVD Technique Example using viragt64 driver
  ☆65Updated last year
• S3N4T0R-0X0 / Hunter
  Охотник (Hunter) is a simple Adversary Simulation tool developed for achieves stealth through API unhooking, direct and indirect syscalls…
  ☆90Updated 8 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆107Updated last year
• xaitax / NTSleuth
  Comprehensive Windows Syscall Extraction & Analysis Framework
  ☆159Updated 4 months ago
• Maldev-Academy / TrapFlagForSyscalling
  Bypass user-land hooks by syscall tampering via the Trap Flag
  ☆136Updated 4 months ago
• r0keb / TrashFormer
  A 64 bit executable junk code engine for polymorphic malware.
  ☆74Updated 6 months ago
• offalltn / gitC2
  POC of GITHUB simple C2 in rust
  ☆52Updated 5 months ago
• Maldev-Academy / DRMBinViaOrdinalImports
  Create Anti-Copy DRM Malware
  ☆69Updated last year
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆74Updated 11 months ago
• hdks-bug / redteam-techniques
  Collection of red team techniques.
  ☆64Updated 8 months ago
• rad9800 / talks
  ☆59Updated 8 months ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated 6 months ago
• voidvxvi / HellBunny
  Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
  ☆133Updated last year
• patrickt2017 / VEHNetLoader
  Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies
  ☆49Updated 5 months ago
• Karkas66 / CelestialSpark
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆102Updated 9 months ago
• whokilleddb / function-collections
  A collection of PoCs to do common things in unconventional ways
  ☆121Updated 4 months ago
• NVISOsecurity / codasm
  Payload encoding utility to effectively lower payload entropy.
  ☆120Updated 8 months ago
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆51Updated last year
• alex3O / BYOVD-DriverKiller
  Driver Reverse & Exploitation
  ☆82Updated 3 months ago